On May 8, the ABA Standing Committee on Ethics issued its formal Opinion 511 entitled Confidentiality Obligations of Lawyers Posting to Listservs. As Bob Ambrogi rightly pointed out in his recent post on the Opinion, it seems odd that the ABA would issue an opinion now about a technology that has been around since the late 90s. For Bob, it brought to mind Rip Van Winkle, who slept for 20 years only to wake up in a unrecognizable world.

I agree that the timing seemed strange. However, the substance of the Opinion could relate to and reveal the Committee’s thinking about the use by lawyers of large language models (LLMs).

The Opinion deals with when a lawyer can post questions or comments on a ListServ without their client’’s “informed consent.” According to the Opinion (and clearly, under the Rules), a lawyer can only do so if there is not a reasonable likelihood that a reader could determine either the identity of the client or the matter. The Opinion also discusses what “informed consent” entails.

Applicability to LLMs

One only needs to read the Opinion’s initial summary to see where the reasoning could take the Committee with LLMs. Here is a redlined version of the Opinion’s summary with the abbreviation LLM substituted for ListServ:

“This opinion considers whether, to obtain assistance in a representation from other lawyerson a listserv discussion group, or post a commenta Large Language Model or Generative AI, a lawyer is impliedly authorized to disclose information relating to the representation of a client or information that could lead to the discovery of such information.”

The upshot of course is that if it is not reasonably likely that the identity or matter could be inferred, then the lawyer is free to use a LitServ under the implied authorization exception of Rule 1.6 (a). This authorization is assumed as part of the lawyer’s need “to carry out the representation.”

Seeking advice from knowledgeable colleagues is an important, informal component of a lawyer’s ongoing professional development

The Opinion recognizes that “Seeking advice from knowledgeable colleagues is an important, informal component of a lawyer’s ongoing professional development. Testing ideas about complex or vexing cases can be beneficial to a lawyer’s client.”

So, all is well and good for the use of LLMs, right? Not so fast. The language of the Opinion and its general thrust seems to be toward blunting the use of ListServs without informed client consent. And that poses issues for the use of LLMs as well.

The Scope of the Confidentiality Duty

A lot of lawyers misunderstand the scope of the confidentiality duty and confuse it with the concept of attorney client privilege. The confidentiality duty is in fact much broader. Under  Rule 1.6, a lawyer is not to reveal any information relating to the representation, irrespective of its source. As set out in the Opinion:

“Comment 3 explains that Rule 1.6 protects ‘all information relating to the representation, whatever its source’ and is not limited to communications protected by attorney-client privilege. A lawyer may not reveal even publicly available information, such as transcripts of proceedings in which the lawyer represented a client. As noted in ABA Formal Opinion 04-433 (2004), ‘the protection afforded by Model Rule 1.6 is not forfeited even when the information is available from other sources or publicly filed, such as in a malpractice action against the offending lawyer.’”

And:  

“Among the information that is generally considered to be information relating to the representation is the identity of a lawyer’s clients. Lawyers are generally restricted from disclosing such information even if the information is anonymized, hypothetical, or in abstracted form, if its reasonably likely that someone learning the information might then or later ascertain the client’s identity or the situation involved.”

[Emphasis added].

So, it’s not just privileged information. The breadth of the confidentiality duty, when interpreted literally, should give one some pause when chatting with ChatGPT. And in an age where AI can be used to analyze so much data, the concept of what is “reasonably likely” may be broader indeed.

Informed Consent

The Rules do, of course, provide exceptions. If the client gives their “informed consent,” it would be ok to use listservs and, by extension, LLMs. But what must be done to obtain such consent is a bit daunting. Again, to quote the Opinion:

“Informed consent” is defined in Rule 1.0(e) to denote ‘the agreement by a person to a proposed course of conduct after the lawyer has communicated adequate information and explanation about the material risks of and reasonably available alternatives to the proposed course of conduct.’”

Comments to the Rule make it clear, says Opinion 511, that this means the lawyer has to confer with the client, explain the advantages and disadvantages, and get affirmative consent. The latter means that merely plugging a use in an engagement letter without requiring the client to sign off is not enough.

The concept of informed consent becomes a little murky when it comes to LLMs

The concept of informed consent becomes a little murky when it comes to LLMs, which are constantly evolving and not yet fully understood. What is “adequate” when even computer scientists aren’t sure how LLMs do some things they do? What does “material” mean in this context? And what about “reasonably available alternatives”? Is spending 200 hours of research time to do what an LLM could do in minutes “reasonable”?

Lots of questions raised by this Opinion.

Implied Authorization

The second exception is also found in Rule 1.6: the use of a ListServ can be impliedly authorized to carry out the representation. The Opinion has this to say about the implied authorizations:

“A lawyer is impliedly authorized to consult with an unaffiliated attorney in a direct lawyer-to-lawyer consultation and to reveal information relating to the representation without client consent to further the representation when such information is anonymized or presented as a hypothetical, and the information is revealed under circumstances in which ‘the information will not be further disclosed or otherwise used against the consulting lawyer’s client.'”

But the authorization only goes so far as to protect disclosure of non-prejudicial information

But the authorization only goes so far as to protect disclosure of non-prejudicial information. Of course, most of the time, you want to use tools like listservs and LLMs to deal with problems which by definition could involve prejudicial information.

Another Danger

There is another thing lurking in the Opinion that may spell trouble for the use of LLMs. The Opinion says disclosing information to another lawyer you know, even if not affiliated, is far different than using a ListServe, where the information is disseminated to a broader group which may include people (lawyers) you don’t know. According to the Opinion:

“Participation in most lawyer listserv discussion groups is significantly different from seeking out an individual lawyer or personally selected group of lawyers practicing in other firms for a consultation about a matter. Typical listserv discussion groups include participants whose identity and interests are unknown to lawyers posting to them and who therefore cannot be asked or expected to keep information relating to the representation in confidence… Additionally, there is usually no way for the posting lawyer to ensure that the client’s information will not be further disclosed by a listserv participant or otherwise used against the client. Because protections against wider dissemination are lacking, posting to a listserv created greater risks than the lawyer-to-lawyer consultations envisioned by ABA Formal Ethics Opinion 98-411.”

Under this restrictive reasoning, using an LLM may be even more problematic

Under this restrictive reasoning, using an LLM may be even more problematic since not only is the information going to dreaded “non-lawyers,  you often aren’t sure where it’s going.

The Impact

The conclusion of the Opinion says it all. A lawyer can use a ListServ without consent if and only if “discussions such as those related to legal news, recent decisions, or changes in the law, without a client’s consent, if the lawyer’s contributions will not disclose information relating to a client representation.”  And even here, the Committee cautions that even general comments about the law may permit other users to identify the client.

Anything else: you need consent, a consent that’s designed to be arduous to get. If you follow this reasoning, the Committee is setting up to attempt to severally curtail the use of LLMs in the profession.

By taking such a restrictive view, the Committee may be setting itself up to either walk back some of its comments or double down on LLMs in the future. Only time will tell.