🚨 BOLO CYBERSECURITY ALERT: LunaSpy Android Spyware Threatens All Users—Protect Your Law Practice Now!

/ The Tech-Savvy Lawyer.Page/

Android users must be aware of potential threats to their data!

CRITICAL THREAT ALERT 🚨 A sophisticated new Android spyware campaign dubbed LunaSpy has been active since February 2025, broadly targeting Android users via messaging apps—anyone installing its fake “antivirus” could be compromised, including legal professionals. LunaSpy spreads through Telegram, WhatsApp, Signal, and other platforms by sending messages like “Hi, install this program here,” tricking victims into granting extensive device permissions after fake security scans report fabricated threats.

Once installed, LunaSpy’s capabilities pose severe risks: it steals passwords from browsers and messaging apps, intercepts text messages (including two-factor codes), records audio and video via microphones and cameras, captures screen contents (e.g., client documents, case notes), and tracks real-time location (e.g., revealing meetings and court visits). Kaspersky researchers have linked over 150 command-and-control servers to LunaSpy’s global network, enabling continuous data exfiltration and remote command execution.

While any Android user is at risk, lawyers face heightened consequences if infected. A breach of attorney-client communications or privileged documents can trigger:

Immediate Action Steps for all Android-using legal professionals and their staff:

users are the first line of defense when it comes to preventing computer viruses on their tech!

  1. Audit and remove any unverified security or banking apps; restrict installations to Google Play only.

  2. Deploy Mobile Device Management (MDM): enforce app blacklists, remote wipe, and automated patching.

  3. Enable full-disk encryption and secure lock screens with complex passcodes or biometrics.

  4. Train staff on social engineering tactics—recognize unsolicited install prompts or links in messages.

  5. Use end-to-end encrypted desktop-based messaging for privileged communications, limiting mobile use.

  6. Establish an incident response plan: include immediate device quarantine, forensic analysis, and regulatory notification procedures.

LunaSpy is not a hypothetical risk—it’s actively compromising Android devices around the globe. Although the campaign targets the general public, legal professionals handling sensitive client data are particularly vulnerable to cascading professional, legal, and ethical consequences if infected. With over 150 active command servers and ongoing code enhancements, the threat will only escalate. Every day without these safeguards increases your exposure—act now to secure mobile devices, train teams, and reinforce your firm’s cybersecurity posture.

📢 Shout Out! ILTACON 2025 Recap: AI Revolution, Cybersecurity Imperatives, and the Exciting Legal Tech Future!

/ The Tech-Savvy Lawyer.Page/

🎉 Three Game-Changing Highlights from Legal Technology's Premier Event!

Iltacon - The only peer-created and led conference for legal technology professionals.

The corridors of the Gaylord National Resort & Convention Center just outside Washington, DC were buzzing with an energy as one fellow reporter aptly put it was the most excitement he’d seen at ILTACON in years – and the catalyst was undeniably artificial intelligence.

With over 4,000 legal professionals from 30 different countries converging in National Harbor, Maryland, from August 10-14, ILTACON 2025 delivered an unprecedented showcase of innovation. The numbers tell the story: over 225 vendors and over 80 educational sessions created a treasure trove of legal technology advancements that had attorneys and IT professionals equally captivated.

🚀 Highlight #1: AI Takes Center Stage – From Pilots to Production

The shift from AI experimentation to implementation was unmistakable. Harvey, iManage, Thomson Reuters, and Litera weren't just talking about AI anymore – they were demonstrating working solutions and real-world results.

AI agents emerged as the breakout stars. These sophisticated systems move beyond simple chatbots to become "digital colleagues" that can plan, reason, and execute complex legal tasks autonomously. The "Orchestrating Intelligence: AI Agents in the Legal Space" session showcased how these tools amplify human capabilities rather than replace them, with speakers noting that agents will be able to do much more, but with a better quality output.

iltacon was ready for it 4000+ attendees from 30+ countries!

Knowledge Management experienced a renaissance. The "KM Roundtable: Embracing the New Wave of Knowledge Management" revealed that KM professionals have become the unsung heroes of AI implementation. Without proper content governance and data structure, even the most advanced AI tools fall flat. KM teams are shifting from maintaining knowledge bases to orchestrating AI workflows and ensuring data quality.

Interoperability standards like the Model Context Protocol (MCP) are breaking down data silos. These developments signal a future where AI tools can seamlessly integrate across platforms without costly custom development.

Real-world applications dominated discussions. Sessions demonstrated concrete time savings: customers reported 50-70% time savings reaching early drafts with better consistency, while legal research showed 60%+ time savings while discovering new arguments in cross-jurisdictional litigation. The "Charting Your Search Journey in the Age of AI" session emphasized how precedent research has evolved from "finding a needle in a haystack" to having a "haystack full of needles".

🔒 Highlight #2: Cybersecurity Rises to Critical Priority

The cybersecurity focus was evident throughout the conference, with sessions like "Emerging Cybersecurity Threats in Legal Tech" and "The Yin & Yang of Cybersecurity in eDiscovery" drawing significant attendance. These sessions addressed how sophisticated cybersecurity threats present new challenges for legal organizations, from AI-driven attacks to vulnerabilities in emerging technologies.

Reporting on iltacon2025 from Gaylord National Resort & Convention Center just outside Washington, DC!

AI Ethics in Legal Writing emerged as a critical intersection between technology adoption and professional responsibility. Ivy Grey of WordRake, recognized as an Influential Woman in Legal Tech by ILTA, led compelling discussions about the ethical implications of using generative AI in legal writing. Her panel explored how lawyers can maintain ethical obligations while leveraging AI tools for document creation, emphasizing the importance of verification, maintaining independent judgment, and ensuring client confidentiality when using AI-assisted writing tools.

Security-AI integration discussions addressed prompt injection attacks, data leakage prevention, and the challenge of educating clients about AI security measures. The "Getting the Most from M365 Copilot: The Do's & Don'ts" session provided practical frameworks for rolling out AI tools while maintaining security protocols.

Document management security revealed concerning trends. Sessions highlighted how firm knowledge is scattered across OneDrive, SharePoint, Teams, and personal folders, making it difficult to locate and use effectively. Security by obscurity no longer works, as AI tools like Copilot can surface documents that were previously hidden by poor organization rather than true security measures.

🔮 Highlight #3: The Future-Forward Mindset Revolution

Keynote speaker Reena SenGupta challenged the industry with her "seven evolutions" framework, urging legal professionals to think of law firms as living organisms rather than rigid hierarchies. Her fungal network metaphor resonated deeply – emphasizing how technology professionals serve as the connective tissue enabling knowledge flow throughout organizations.

Predictive capabilities are replacing reactive approaches. SenGupta showcased how firms are moving from precedent to prediction, with examples like DLA Piper's "Compliance-as-a-Service" product that uses AI to spot minor compliance issues before they become major problems, and Paul Hastings restructuring their white-collar investigations practice around AI-powered anomaly detection.

ILTACON2025 is celebrating 45 years!

The billable hour debate intensified. The "Bill(AI)ble Hours: The Debate Continues" session explored how AI's efficiency gains might fundamentally alter legal economics, with the audience showing more support for alternative fee arrangements (AFAs) than opposition. The discussion centered on capturing value creation rather than time tracking, though the majority agreed the billable hour wouldn't disappear within the next five years.

Multidisciplinary integration emerged as essential rather than optional. SenGupta described the breakdown of the divide between legal and non-legal roles, citing examples like White & Case's integration of project managers into client teams and DLA Piper's consulting unit working hand-in-glove with lawyers. These cross-functional teams are becoming critical for delivering client value.

🎯 Strategic Takeaways for Legal Professionals

For Solo and Small Firms: While ILTACON traditionally targets larger firms, this year's vendor presentations often included scalable solutions. The key insight? Start with AI tools that integrate with existing workflows rather than requiring complete system overhauls.

For Mid-Size Firms: Investment in knowledge management infrastructure emerged as the critical success factor. The KM Roundtable revealed that firms implementing AI without proper data governance struggle to achieve meaningful results.

For Large Firms: Change management and user adoption dominated discussions. Technical capability matters less than organizational readiness to embrace new workflows. The overview from these sessions is that robust workflows and a positive organizational culture are essential building blocks for effective AI adoption.

🔧 Practical Implementation Insights

The most valuable sessions provided actionable frameworks rather than theoretical discussions. The "Actionable AI Strategy & Policy" session offered specific methodologies for balancing governance with flexibility, with speakers emphasizing the need for a mellable but strong foundational governance policy.

Vendor interactions proved particularly valuable. The exhibit hall's "Pirate's Bounty" theme encouraged exploration, and many attendees reported discovering solutions through peer recommendations rather than vendor pitches.

Technology evaluation challenges were evident. The KM Roundtable revealed "POC fatigue" as teams try to evaluate numerous AI tools while managing regular workloads, with general skepticism about which tools will have longevity.

🚢 Looking Ahead: Charting the Course

It was great catching up with The Tech-Savvy Lawyer.Page Podcast Guest (Ep. 109) Jacqueline Schafer, Founder and CEO of Clearbrief!

ILTACON 2025 demonstrated that legal technology has moved from experimental to operational. The questions are no longer "Can AI help lawyers?" but rather "How do we implement AI responsibly and effectively?"

The excitement was palpable – and justified. For technology professionals in law, this represents a career-defining moment where their expertise directly impacts firm competitiveness and client service quality.

As we navigate these transformative waters, remember that the real treasure isn't the technology itself. It's the enhanced client service, improved efficiency, and competitive advantages these tools provide when properly implemented.

Next year's ILTACON promises to build on this momentum. Mark your calendars now – this is where the legal profession's technological future gets written, one innovation at a time.

Ready to implement what you learned at ILTACON 2025? Subscribe to The Tech-Savvy Lawyer.Page for ongoing insights and practical guidance on legal technology adoption.

ILTACON 2025 Attendance Forces Postponement of Exciting TSS - Preparing Old Office Tech for Your Kids' Back-to-School Success 📚💻

/ The Tech-Savvy Lawyer.Page/

Dear Tech-Savvy Saturday Community,

Due to my attendance at ILTACON 2025 (August 10-14, 2025) at the Gaylord National Harbor Convention Center this week, this month's Tech-Savvy Saturday session originally scheduled for August 16 has been postponed until Saturday, August 23, 2025 at 12 PM EST 🕐.

This postponement presents the perfect opportunity to dive deeper into our upcoming topic: "Preparing Your Old Office Technology for Your Kids' Back-to-School Success." As legal professionals, we often have reliable office equipment that could serve our children well as they return to school. This session will explore practical strategies for repurposing scanners, laptops, printers, and other office technology to create productive learning environments at home.

Our session will cover device preparation techniques, security considerations for family use, and creative ways to transform professional equipment into educational tools. We'll discuss how to properly clean and configure devices, implement age-appropriate restrictions, and ensure data security when transitioning office equipment to personal.

Stay tuned and mark your calendars for Saturday, August 23, 2025 as we explore this practical intersection of legal technology and family needs 📅✨.

Have a Great Weekend and Stay Tech-Savvy!

ILTACON 2025: Legal AI Revolution Accelerates as Major Providers Unveil Next-Generation Platforms

/ The Tech-Savvy Lawyer.Page/

Lexis, vlex, westlaw highlight their newest ai functions!

The International Legal Technology Association’s 2025 annual conference (#ILTACON2025) in the National Harbor just outside of Washington, DC, became the epicenter of legal AI innovation as Thomson Reuters, LexisNexis, and vLex/Fastcase showcased their most advanced artificial intelligence platforms. Each provider demonstrated distinct approaches to solving the legal profession's technology challenges, with announcements that signal a fundamental shift from experimental AI tools to enterprise-ready systems capable of autonomous legal workflows.

Thomson Reuters Launches CoCounsel Legal with Groundbreaking Deep Research

Thomson Reuters made headlines with the launch of CoCounsel Legal, featuring what the company positions as industry-leading Agentic AI capabilities. This launch represents a fundamental evolution from AI assistants that respond to prompts toward intelligent systems that can plan, reason, and execute complex multi-step workflows autonomously.

The platform's flagship innovation is Deep Research, an AI feature that conducts comprehensive legal research by leveraging Westlaw Advantage’s proprietary research tools and expert legal content. According to Thomson Reuters, CoCounsel Legal combines advanced generative models with the exclusive resources of Westlaw and Practical Law, aiming to deliver trusted, up-to-date, and relevant legal analysis for practitioners. The company emphasizes that its Agentic AI operates directly within Westlaw, making use of the platform’s curated research toolset and authoritative content to enhance accuracy and reliability in legal workflows.

Thomson Reuters Launches CoCounsel Legal with Groundbreaking Deep Research

Key capabilities include guided workflows for drafting privacy policies, employee policies, complaints, and discovery requests, with Thomson Reuters planning incremental releases of new workflows. The platform addresses the critical challenge of document management system integration through federated search technology, which leverages existing Document Management System (DMS) search systems while applying AI for re-ranking and summarization.

The company also introduced Westlaw Advantage on August 13, 2025, positioned as the final versioned release of Westlaw, with future improvements delivered through continuous updates rather than new license agreements. This shift to a traditional Software-as-a-Service (aka SaaS) delivery model includes multi-year subscriptions with automatic upgrades at no additional cost.

Thomson Reuters has invested $10 billion in transforming legal technology foundations, with over $200 million annually dedicated specifically to integrating AI into flagship products. The platform already serves over 20,000 law firms and corporate legal departments, including the majority of AmLaw 100 firms.

LexisNexis Introduces ProtĂŠgĂŠ General AI with Industry-First Voice Capabilities

LexisNexis announced on August 11, 2025, the preview launch of ProtĂŠgĂŠ General AI, expanding its personalized AI assistant to include secure access to general-purpose AI models alongside legal-specific tools. This development builds on the company's March 2025 launch of the legal industry's first voice-enabled AI assistant for complex legal work. This voice feature allows users to interact naturally with the platform, guiding legal research and drafting by issuing spoken requests. The tool is designed to help legal practitioners streamline routine workflows, surface key insights, and perform drafting and search tasks hands-free, all within a secure and integrated environment.

LexisNexis Introduces ProtĂŠgĂŠ General AI with Industry-First Voice Capabilities

ProtĂŠgĂŠ's key differentiator lies in its toggle functionality, allowing users to switch between authoritative legal AI (grounded in LexisNexis content) and general-purpose AI models including GPT-5*, GPT-4o, GPT-o3, and Claude Sonnet 4. This eliminates the need to switch between different AI tools while maintaining enterprise-grade security.

The platform processes documents up to 300 pages long (a 250% increase over previous limits) and offers unprecedented personalization capabilities. It learns individual user workflows, preferences, writing styles, and jurisdictions to deliver customized responses. The system integrates with document management systems to ground responses in firm-specific knowledge while maintaining strict security controls.

Approximately 200 law firms, corporate legal departments, and law schools are participating in the customer preview program, with general availability expected later in 2025.

vLex Showcases Vincent AI Spring '25 with Studio Workflow Creation

vLex presented its Vincent AI Spring '25 Release at ILTACON 2025, highlighting enhanced agentic capabilities and the introduction of Studio, a platform allowing users to create custom workflows without coding. The company emphasized its data-centric approach, leveraging its billion-document global legal database spanning over 100 countries.

vLex Showcases Vincent AI Spring '25 with Studio Workflow Creation

vLex’s Spring ’25 release also emphasizes its Vincent Tables feature, which allows users to extract and compare key data points across large sets of documents and generate structured outputs like memos. Their General Assist capability supports drafting tasks—such as composing emails and summarizing meeting notes—within Vincent’s secure, enterprise-grade environment. Overall, vLex positions Vincent AI as a comprehensive workflow platform that delivers consistent, authoritative legal insights powered by a global database of over one billion documents from more than 100 jurisdictions.

During ILTACON, vLex also announced the 2025 Fastcase 50 awards, recognizing legal innovation leaders who are "engineering the future of legal practice". The company positioned itself as serving the "engineering minds and visionary leaders driving the legal profession's transformation".

🔎 Feature Comparison: How the Big Three Actually Stack Up

Market Positioning and Strategic Differentiation

The three providers have established distinct market positions based on their 2025 announcements. Thomson Reuters targets enterprise-level implementations, evidenced by multi-year contracts with the U.S. Federal Courts system, including the U.S. Supreme Court, and a focus on consistent, reliable workflows for large-scale legal operations.

LexisNexis emphasizes user experience and personalization, with ProtĂŠgĂŠ designed to understand individual lawyer preferences and adapt to different work styles. The voice interface represents a significant advancement in accessibility and usability, particularly valuable for lawyers with physical accessibility needs or those who prefer natural language interaction.

vLex positions itself as serving both mid-size firms and AmLaw 100 practices, emphasizing comprehensive workflow solutions and global legal coverage. The Studio platform addresses the growing demand for customizable AI workflows tailored to specific practice requirements.

Final Thoughts: Industry Impact and Measurable Results

ILTACON was a great experience - I learned and hope to share a lot!

These ILTACON 2025 announcements demonstrate the maturation of legal AI from experimental tools to platforms delivering measurable business value. Case studies reveal significant cost savings, with startups like OMNIUX reporting monthly savings of $15,000 to $20,000 in legal fees using CoCounsel.

Independent analysis shows that contract review tasks, which previously required two to two and a half hours, can now be completed in 10 minutes, representing productivity improvements of over 90%. Legal professionals report that document analysis tasks requiring days of manual work can now be completed in under an hour.

The competitive landscape now features three mature approaches: Thomson Reuters' enterprise-focused agentic workflows with deep legal research integration, LexisNexis's personalized voice-enabled AI with comprehensive model flexibility, and vLex's comprehensive workflow platform with global legal intelligence.

As legal professionals evaluate these platforms, selection criteria should include firm size, practice areas, existing technology infrastructure, required customization levels, and specific workflow requirements. The legal profession's digital transformation has clearly accelerated beyond the experimental phase, with AI becoming essential infrastructure for competitive legal practice.

But what does this mean for the solo, small-, and medium-size law forms? Stay Tuned as my analysis on that will be posted soon!

Happy Lawyering!

* (Note, the original launch was supposed to include GPT-5 but it has been pulled pending resolution of issues in its program - see MTC: Why "Newer" AI Models Aren't Always Better: The ChatGPT-5 and Apple Intelligence Reality Check for Legal Professionals! for reference).

Word of the Week: Synthetic Data 🧑‍💻⚖️

/ The Tech-Savvy Lawyer.Page/

What Is Synthetic Data?

Synthetic data is information that is generated by algorithms to mimic the statistical properties of real-world data, but it contains no actual client or case details. For lawyers, this means you can test software, train AI models, or simulate legal scenarios without risking confidential information or breaching privacy regulations. Synthetic data is not “fake” in the sense of being random or useless—it is engineered to be realistic and valuable for analysis.

How Synthetic Data Applies to Lawyers

  • Privacy Protection: Synthetic data allows law firms to comply with strict privacy laws like GDPR and CCPA by removing any real personal identifiers from the datasets used in legal tech projects.

  • AI Training: Legal AI tools need large, high-quality datasets to learn and improve. Synthetic data fills gaps when real data is scarce, sensitive, or restricted by regulation.

  • Software Testing: When developing or testing new legal software, synthetic data lets you simulate real-world scenarios without exposing client secrets or sensitive case details.

  • Cost and Efficiency: It is often faster and less expensive to generate synthetic data than to collect, clean, and anonymize real legal data.

Lawyers know your data source; your license could depend on it!

📢

Lawyers know your data source; your license could depend on it! 📢

Synthetic Data vs. Hallucinations

  • Synthetic Data: Created on purpose, following strict rules to reflect real-world patterns. Used for training, testing, and developing legal tech tools. It is transparent and traceable; you know how and why it was generated.

  • AI Hallucinations: Occur when an AI system generates information that appears plausible but is factually incorrect or entirely fabricated. In law, this can mean made-up case citations, statutes, or legal arguments. Hallucinations are unpredictable and can lead to serious professional risks if not caught.

Key Difference: Synthetic data is intentionally crafted for safe, ethical, and lawful use. Hallucinations are unintentional errors that can mislead and cause harm.

Why Lawyers Should Care

  • Compliance: Using synthetic data helps you stay on the right side of privacy and data protection laws.

  • Risk Management: It reduces the risk of data breaches and regulatory penalties.

  • Innovation: Enables law firms to innovate and improve processes without risking client trust or confidentiality.

  • Professional Responsibility: Helps lawyers avoid the dangers of relying on unverified AI outputs, which can lead to sanctions or reputational damage.

Lawyers know your data source; your license could depend on it!

ILTACON 2025 Opening: Navigating the Legal Tech Treasure Trove ⚓

/ The Tech-Savvy Lawyer.Page/

Get your legal tech plunder at #ILTACON2025

Ahoy, legal tech voyagers! ⛵ ILTACON 2025 has officially set sail at the magnificent Gaylord National Resort & Convention Center in National Harbor, Maryland, and what a spectacular opening it's been. From August 10-14, over 4,000 legal professionals interested in legal technology are charting their course through the most comprehensive bounty of legal tech innovations ever assembled.

This year's pirate theme couldn't be more fitting. Legal professionals have truly become modern-day treasure hunters, seeking out the digital gold that will transform their practices. The opening reception on Monday morning perfectly captured this spirit, with maritime merriment setting the tone for what promises to be an extraordinary week of discovery.

Among the distinguished crew of attendees, we spotted previous podcast guest Stephen Embry, the brilliant mind behind the TechLaw Crossroads blog and former chair of the American Bar Association’s Law Practice Division. His insights on artificial intelligence adoption and legal technology competency continue to guide practitioners navigating the choppy waters of digital transformation. Also making waves is Brett Burney, Vice President of NextPoint Law Group, whose expertise in bridging the chasm between legal and technology frontiers has made him a sought-after guide for firms embracing Discovery solutions.

The exhibit hall, themed as the "Pirate's Bounty," features over 225 vendors displaying their technological treasures. From AI-powered legal research tools to advanced case management systems, the bounty available to legal professionals has never been more abundant. The challenge isn't finding technology—it's selecting the right tools that will genuinely enhance practice efficiency without overwhelming existing workflows.

What makes ILTACON unique is its peer-driven approach to education. Unlike vendor-heavy conferences, ILTACON sessions are crafted by practitioners who have firsthand experience with the challenges facing legal technology professionals. This year's 80+ educational sessions span eight focus areas, ensuring every legal professional finds relevant insights to take back to their firm.

For firms with limited to moderate technology skills, ILTACON provides the perfect environment to learn from peers who have successfully navigated similar challenges. The networking opportunities alone justify the investment, as connections made here often lead to solutions for specific practice challenges.

The pirate theme extends beyond mere decoration—it represents the adventurous spirit required to succeed in today's legal technology landscape. Legal professionals must be willing to explore uncharted territories, test new solutions, and occasionally take calculated risks to discover the innovations that will give their practices a competitive edge.

#ILTACON2025

As we sail through this week of discovery, remember that the real treasure isn't the technology itself—it's the enhanced client service, improved efficiency, and competitive advantages these tools provide when properly implemented.

May fair winds fill your sails as you navigate this legal tech treasure trove! ⚓

#ILTACON2025

MTC: Why "Newer" AI Models Aren't Always Better: The ChatGPT-5 and Apple Intelligence Reality Check for Legal Professionals!

/ The Tech-Savvy Lawyer.Page/
MTC: Why "Newer" AI Models Aren't Always Better: The ChatGPT-5 and Apple Intelligence Reality Check for Legal Professionals!

Why ChatGPT-5 and Apple Intelligence Pose Hidden Risks for Lawyers: The Truth About AI in Legal Practice

Read More

🚨 BOLO: Critical Chrome Zero-Day Security Alert for Legal Professionals 🚨

/ The Tech-Savvy Lawyer.Page/

URGENT: Chrome Zero-Day CVE-2025-6558 Impacts Law Firms

🚨

URGENT: Chrome Zero-Day CVE-2025-6558 Impacts Law Firms 🚨

Critical browser flaw affects Windows & Apple devices. Attackers escape Chrome's sandbox via malicious web pages. ACTIVELY EXPLOITED.

Lawyers its generally a good idea to keep your software up-to-date in order to prevent security risks!

🔍 WHAT THIS MEANS IN PLAIN TERMS:
Your browser normally acts like a protective barrier between dangerous websites and your computer's files. This vulnerability is like a secret door that bypasses that protection. When you visit a compromised website, even legitimate sites that have been hacked, criminals can potentially access your client files, emails, and sensitive data without you knowing. The attack happens silently in the background while you browse normally.

⚠️ ACTION REQUIRED:

  • Update Chrome to v138+ immediately

  • Update Safari on Apple devices

  • Review cybersecurity protocols

🚨Legal Risks:
✓ Client confidentiality breaches
✓ ABA ethical violations
✓ Malpractice liability
✓ Trust account exposure

Don't wait - update NOW!

🎙️ Ep. 117: Legal Tech Revolution,  How Dorna Moini Built Gavel.ai to Transform the Practice of Law with AI and Automation.

/ The Tech-Savvy Lawyer.Page/

Dorna Moini, CEO and Founder of Gavel, discusses how generative AI is transforming the way legal professionals work. She explains how Gavel helps lawyers automate their work, save time, and reach more clients without needing to know how to code. In the conversation, she shares the top three ways AI has improved Gavel's tools and operations. She also highlights the most significant security risks that lawyers should be aware of when using AI tools. Lastly, she provides simple tips to ensure AI-generated results are accurate and reliable, as well as how to avoid false or misleading information.

Join Dorna and me as we discuss the following three questions and more!

  1. What are the top three ways generative AI has transferred Gavel's offerings and operations?

  2. What are the top three most critical security concerns legal professionals should be aware of when using AI-integrated products like Gavel?

  3. What are the top three ways to ensure the accuracy and reliability of AI-generated results, including measures to prevent false or misleading information or hallucinations?

In our conversation, we cover the following:

[01:16] Dorna's Tech Setup and Upgrades

[03:56] Discussion on Computer and Smartphone Upgrades

[08:31] Exploring Additional Tech and Sleeping Technology

[09:32] Generative AI's Impact on Gavel's Operations

[13:13] Critical Security Concerns in AI-Integrated Products

[16:44] Playbooks and Redline Capabilities in Gavel Exec

[20:45] Contact Information

Resources

Connect with Dorna:

Websites & SaaS Products:

  • Apple Podcasts — Podcast platform (for reviews)

  • Apple Podcasts — Podcast platform (for reviews)

  • ChatGPT — AI conversational assistant by OpenAI

  • ChatGPT — AI conversational assistant by OpenAI

  • Gavel — AI-powered legal automation platform (formerly Documate)

  • Gavel Exec — AI assistant for legal document review and redlining (part of Gavel)

  • MacRumors — Apple news and product cycle information

  • MacRumors — Apple news and product cycle information

  • Notion — Workspace for notes, databases, and project management

  • Notion — Workspace for notes, databases, and project management

  • Slack — Team communication and collaboration platform 

Hardware:

Other:

MTC: AI Governance Crisis - What Every Law Firm Must Learn from 1Password's Eye-Opening Security Research

/ The Tech-Savvy Lawyer.Page/

The legal profession stands at a crossroads. Recent research commissioned by 1Password reveals four critical security challenges that should serve as a wake-up call for every law firm embracing artificial intelligence. With 79% of legal professionals now using AI tools in some capacity while only 10% of law firms have formal AI governance policies, the disconnect between adoption and oversight has created unprecedented vulnerabilities that could compromise client confidentiality and professional liability.

The Invisible AI Problem in Law Firms

The 1Password study's most alarming finding mirrors what law firms are experiencing daily: only 21% of security leaders have full visibility into AI tools used in their organizations. This visibility gap is particularly dangerous for law firms, where attorneys and staff may be uploading sensitive client information to unauthorized AI platforms without proper oversight.

Dave Lewis, Global Advisory CISO at 1Password, captured the essence of this challenge perfectly: "We have closed the door to AI tools and projects, but they keep coming through the window!" This sentiment resonates strongly with legal technology experts who observe attorneys gravitating toward consumer AI tools like ChatGPT for legal research and document drafting, often without understanding the data security implications.

The parallel to law firm experiences is striking. Recent Stanford HAI research revealed that even professional legal AI tools produce concerning hallucination rates—Westlaw AI-Assisted Research showed a 34% error rate, while Lexis+ AI exceeded 17%. (Remember my editorial/bolo MTC/🚨BOLO🚨: Lexis+ AI™️ Falls Short for Legal Research!) These aren't consumer chatbots but professional tools marketed to law firms as reliable research platforms.

Four Critical Lessons for Legal Professionals

First, establish comprehensive visibility protocols. The 1Password research shows that 54% of security leaders admit their AI governance enforcement is weak, with 32% believing up to half of employees continue using unauthorized AI applications. Law firms must implement SaaS governance tools to identify AI usage across their organization and document how employees are actually using AI in their workflows.

Second, recognize that good intentions create dangerous exposures. The study found that 63% of security leaders believe the biggest internal threat is employees unknowingly giving AI access to sensitive data. For law firms handling privileged attorney-client communications, this risk is exponentially greater. Staff may innocently paste confidential case details into AI tools, potentially violating client confidentiality rules and creating malpractice liability.

Third, address the unmanaged AI crisis immediately. More than half of security leaders estimate that 26-50% of their AI tools and agents are unmanaged. In legal practice, this could mean AI agents are interacting with case management systems, client databases, or billing platforms without proper access controls or audit trails—a compliance nightmare waiting to happen.

Fourth, understand that traditional security models are inadequate. The research emphasizes that conventional identity and access management systems weren't designed for AI agents. Law firms must evolve their access governance strategies to include AI tools and create clear guidelines for how these systems should be provisioned, tracked, and audited.

Beyond Compliance: Strategic Imperatives

The American Bar Association's Formal Opinion 512 established clear ethical frameworks for AI use, but compliance requires more than policy documents. Law firms need proactive strategies that enable AI benefits while protecting client interests.

Effective AI governance starts with education. Most legal professionals aren't thinking about AI security risks in these terms. Firms should conduct workshops and tabletop exercises to walk through potential scenarios and develop incident response protocols before problems arise.

The path forward doesn't require abandoning AI innovation. Instead, it demands extending trust-based security frameworks to cover both human and machine identities. Law firms must implement guardrails that protect confidential information without slowing productivity—user-friendly systems that attorneys will actually follow.

Final Thoughts: The Competitive Advantage of Responsible AI Adoption

Firms that proactively address these challenges will gain significant competitive advantages. Clients increasingly expect their legal counsel to use technology responsibly while maintaining the highest security standards. Demonstrating comprehensive AI governance builds trust and differentiates firms in a crowded marketplace.

The research makes clear that security leaders are aware of AI risks but under-equipped to address them. For law firms, this awareness gap represents both a challenge and an opportunity. Practices that invest in proper AI governance now will be positioned to leverage these powerful tools confidently while their competitors struggle with ad hoc approaches.

The legal profession's relationship with AI has fundamentally shifted from experimental adoption to enterprise-wide transformation. The 1Password research provides a roadmap for navigating this transition securely. Law firms that heed these lessons will thrive in the AI-augmented future of legal practice.

MTC