🎙️ Ep. #137 - How Lawyers Can Protect Kids Online: COPPA 2.0, Age Assurance, and AI Chatbots with FOSI’s Andrew Zach 👨‍⚖️🔐

/ The Tech-Savvy Lawyer.Page/

My next guest is Andrew Zach, Senior Policy Counsel at the Family Online Safety Institute (FOSI), where he works at the intersection of technology, privacy law, and child online safety policy in Washington, DC. In this Tech‑Savvy Lawyer.Page episode, we unpack what family‑centered online safety really means for practicing attorneys, from intake forms and client portals to law practice management systems, social media, and rapidly evolving AI chatbots. Andrew explains COPPA and the proposed COPPA 2.0, explores how states and countries are experimenting with age assurance, and offers practical guidance for lawyers who handle sensitive images, minors’ data, and AI‑driven tools while staying compliant and supporting parents. If you are an attorney, legal professional, or a tech‑curious parent, this conversation will help you make smarter, safer choices about how you use technology in and around your law practice.

Join Andrew and me as we discuss the following three questions and more! ⚖️💻

  1. What are the top three practical steps every lawyer should take to bake in family‑centered online safety when designing client‑facing tech, websites, portals, intake forms, messaging, and social media?

  2. What are the top three technology tools or configurations law firms should implement to better protect children and teens who may be affected by legal technology, whether they are direct clients in a family matter or simply sharing devices with adult clients?

  3. If you were advising bar associations and practice‑area leaders, what would be the top three CLE or policy priorities to ensure lawyers responsibly use AI, client portals, and other digital tools while supporting parents and caregivers in keeping families safe online?

In our conversation, we cover the following ⏱️

  • 00:00 – Welcoming Andrew and his current tech setup: MacBook Pro, external monitor, iPhones, and wired Bose headphones 🎧

  • 01:00 – What is FOSI and how it works across policy, digital parenting, and industry best practices to keep families safer online 🌐

  • 02:00 – COPPA basics: verifiable parental consent for under‑13 data, why COPPA is dated, and the patchwork of state privacy laws filling the federal gap 📜

  • 03:00 – California privacy leadership, international regimes (like Europe), and why the US needs a comprehensive data privacy law with limits on collection, use, storage, and sale of personal data 🧩

  • 04:00 – HIPAA, SOC 2, agentic AI chatbots on legal websites, and why notice, consent, and data minimization matter for law firms adopting AI‑driven intake and support tools 🤖

  • 05:00 – Data minimization as a safeguard when storage or breaches go wrong; retention and disclosure issues in worst‑case scenarios 📂

  • 05:30 – Handling sensitive images in legal practice (family photos, abuse evidence) and why state‑by‑state rules make it hard to manage online safety and data privacy consistently 🧾

  • 06:00 – Why a stronger federal law is needed, and what COPPA 2.0 (Children and Teens Online Privacy Protection Act) could change, including raising the age of digital consent and protecting teens from targeted advertising 🎯

  • 07:00 – Everyday scenarios: sharing kids’ photos with family, private messaging vs social media, and why limiting audience and avoiding “questionable” content is critical 👨‍👩‍👧‍👦

  • 08:00 – Why “private” Facebook accounts with many friends still are not private enough for potentially risky images and what safer sharing looks like 🔒

  • 09:00 – Keeping audiences limited in litigation and family law contexts while complying with legal guidelines for highly sensitive evidence 📁

  • 10:00 – Defining age assurance vs age verification, and how tools like facial age estimation, IDs, and self‑declaration fit into online safety compliance 🧑‍💻

  • 11:00 – International and US examples: UK social media age checks, Australia’s age assurance trials, and Texas cases on adult sites and app‑store‑level verification ⚖️

  • 12:00 – Free Speech Coalition v. Paxton upholding age verification for adult sites versus the App Store Accountability Act’s broader mandate and why it was enjoined 🏛️

  • 13:00 – Financial harm to parents from kids’ unsupervised app purchases and concerns about access to “harmful content” through apps and social media 💳

  • 14:00 – Is there such a thing as “age insurance”? Exploring liability, coverage, and why Andrew is not aware of a product like that 🧾

  • 15:00 – Apple vs Facebook on data tracking: long terms of service, Apple’s “Ask App Not to Track” pop‑up, and “arms race” messaging around personalization and privacy 📲

  • 16:00 – Communicating data practices clearly to users and kids; age‑appropriate disclosures and the role of legislation in requiring plain‑language privacy notices 🧠

  • 17:00 – “Kids’ accounts” on platforms like Instagram, retrofitting protections vs safety by design, and what private‑by‑default, constrained communication can look like for teens 🧒

  • 18:00 – Culture of responsibility: six entities in online safety (industry, policymakers, law enforcement, educators, kids, and families) and FOSI’s free digital parenting resources 📚

  • 19:00 – Why expecting parents to customize every app setting is unrealistic and how safety‑by‑design and data‑minimization can reduce that burden 🛠️

  • 20:00 – Parental responsibility vs platform responsibility, and how making parental controls easier (e.g., YouTube teen account setup time) can encourage meaningful engagement 👪

  • 21:00 – Recent cases in New Mexico and California: addiction, mental health, platform design, and new legal strategies targeting harms beyond specific content 🧑‍⚖️

  • 22:00 – The Joe Camel analogy, marketing to kids, and why FOSI avoids equating social media directly with tobacco while still pushing for better design safeguards 🚭

  • 23:00 – Features like “take a break” and limits on infinite scroll; designing for vulnerable users and younger audiences from the outset 🧱

  • 24:00 – AI chatbots in legal practice: risks of emotional dependence, mental health harms, and why unregulated bots should not replace trained professionals in sensitive contexts 🧩

  • 26:00 – How often teens and families are using generative AI, and the emerging theme of stricter rules or disclosures for legal, medical, and financial advice from chatbots 🧮

  • 27:00 – Disclaimers and transparency for client‑facing chatbots on law firm sites; state‑by‑state experimentation and potential new duties for lawyers using AI in practice 💬

  • 28:00 – The White House’s national AI policy framework, its child‑safety focus, and the need for congressional action, preemption questions, and national standards 🇺🇸

  • 29:00 – Why bar associations and lawyers should track AI policy developments closely as they intersect with ethics, confidentiality, and family online safety 🔍

  • 30:00 – FOSI’s “good digital parenting” resources, device agreements, and practical scripts for setting expectations with kids about devices and online behavior 📄

  • 31:00 – Where to find Andrew online, including FOSI’s website and his “Andrew the Policy Guy” content on LinkedIn and TikTok 📲

RESOURCES

Connect with Andrew 🌐

Mentioned in the episode 📝

Hardware mentioned in the conversation 🖥️

Software & Cloud Services mentioned in the conversation ☁️

REMINDER! Come Meet Michael! Launch Party 🎉 for The Lawyer's Guide to Podcasting (May 20)!

/ The Tech-Savvy Lawyer.Page/

come meet the author May 20, 2026 in Bethesda, md.

If you’re still deciding about the May 20 launch party for The Lawyer’s Guide to Podcasting, here are three concrete things you’ll walk away with:

  • A simple, lawyer‑tested podcast setup you can actually maintain

  • A checklist of ethical and confidentiality questions to ask before you hit publish

  • A few ready‑to‑use episode ideas tailored to your practice area

Looking forward to seeing you may 20, 2026.

Join us on Wednesday, May 20, 5:30–7:30 PM, at 4704 North Chelsea Lane, Bethesda, MD 20814. Please RSVP by midnight on Monday, May 18, so we can plan for food, drinks, and space!

👉 RSVP on Eventbrite: https://www.eventbrite.com/e/book-launch-party-the-lawyers-guide-to-podcasting-tickets-1988334439834

I can’t wait to see all of you!!! 🤗

MTC: Summer Vacation Cybersecurity for Lawyers: Essential Tech Tips to Protect Client Data on the Go 🌴💻

/ The Tech-Savvy Lawyer.Page/

Lawyers: Never Skip Your VPN — Even on Vacation!

For many lawyers, “summer vacation” now means answering client emails from the beach house, reviewing drafts on the cabin deck, and jumping into Zoom hearings from hotel rooms. 🌞📶 Work rarely stays at the office, and our laptops and phones have become permanent carry‑ons even when we swear we are taking real time off. That always‑on reality turns every summer trip into a rolling cybersecurity and ethics test.

When you travel with devices that touch client matters, you are also traveling with privileged information, trade secrets, and personal data that fall squarely under ABA Model Rules 1.1 and 1.6. Competent representation now includes understanding the benefits and risks of the tech you use, and reasonable efforts to protect client confidentiality do not pause when you turn on your out‑of‑office message. The goal is not to shame lawyers for working on vacation; it is to make sure that when you inevitably do, your tech setup supports both your ethics and your relaxation. 😎

Pack Light: A “Minimum Data” Mindset for Vacation

The safest client data is the data that never leaves your office or your secure cloud in the first place. 1Password’s travel guidance and broader cybersecurity advice emphasize carrying only what you truly need when you hit the road. For summer trips, this translates into a deliberate “minimum data” mindset.

Before you leave, decide which matters genuinely might need your attention while you are away and which can safely wait until you return. Archive or unsync closed files and non‑urgent matters from your travel devices so they are not riding along to the resort, rental home, or national park lodge. For some practices, this may not be feasible when your current work may rely on prior drafts in similar cases.  But when feasible, consider using a “travel profile” or even a separate, cleaner laptop with access only to essential tools and a limited subset of client documents.

This approach directly supports your duty under Model Rule 1.6(c) to make reasonable efforts to prevent unauthorized access to client information by reducing the amount of sensitive material that could be exposed if a device is lost, stolen, or inspected. It also makes vacation feel less like moving your entire office to a different ZIP code, allowing you to focus on what really needs to be done and hopefully enjoy your vacation a little more.

Smart Lawyers Activate Travel Mode Before Every Flight.

Password Managers and Travel Mode: Your “Vacation Vault”

Strong, unique passwords are non‑negotiable for lawyers, and summer vacation does not change that. 1Password and similar tools exist precisely so you do not reuse easy‑to‑type passwords while you juggle boarding passes, sunscreen, and kids at the gate. (Note: I am a paying user of 1Password and have used their product for many years!  Also, I may earn a commission on any link used from this blog.)

Use a reputable password manager to generate and store complex, unique passwords for all your accounts—email, practice management, cloud storage, airlines, hotels, and rental car services. Store digital copies of your ID, bar card, and key travel documents in a secure vault instead of leaving them scattered across your inbox or photo roll. That saves time on the road and keeps sensitive personal and professional information encrypted.

For summer travel, 1Password’s Travel Mode is particularly valuable. You can mark certain vaults as “safe for travel” and remove more sensitive vaults from your devices with a single toggle before you leave. If your phone or laptop is inspected at a border or compromised in a crowded tourist spot, the most sensitive client logins and documents are simply not there. From an ethics perspective, that is a concrete, defensible step toward preserving client confidentiality.

Vacation Wi‑Fi, VPNs, and Hotspots: Don’t Trust the Beach House Network

The Wi‑Fi at your beach rental, resort, or lakeside Airbnb may be convenient, but it is rarely secure. Past guests often know the password, routers may be poorly configured, and attackers sometimes target popular tourist areas with rogue access points. For lawyers who are logging into email, document systems, or court platforms from these networks, that is a serious problem.

Secure Client Data Anywhere — Use Your Phone's Hotspot!

A Virtual Private Network (VPN) should be standard equipment for any lawyer working on vacation. A good VPN encrypts your traffic between your device and the VPN provider, making it much harder for eavesdroppers or compromised networks to capture sensitive information. Legal tech sources and security professionals consistently recommend that lawyers use reputable VPN providers with strong encryption and clear no‑logs policies.

In practice, treat any shared vacation Wi‑Fi as hostile. Turn on your VPN before accessing client email, cloud storage, or remote desktop tools. Better yet, follow The Tech‑Savvy Lawyer’s advice and rely on your smartphone’s hotspot for truly sensitive work; modern cellular networks often provide stronger encryption and a more reliable, if not many times faster, performance than hotel or rental Wi‑Fi. This level of care is rapidly becoming part of what “reasonable efforts” and basic technology competence mean for a traveling lawyer.

Device Hardening for Summer Travel: Encryption, Passcodes, and Biometrics

Summer travel is chaotic. Devices slide between airplane seat cushions, get forgotten in rideshares, or are grabbed from café tables. Full‑disk encryption and strong authentication are your last lines of defense when something goes wrong.

Know Your Rights when crossing international boarders: Encrypted Devices Protect Client Privilege

Make sure full‑disk encryption is enabled on every device you bring—FileVault on macOS, BitLocker on Windows, and built‑in encryption on modern iOS and Android devices. Use a long, alphanumeric passcode rather than a short PIN, and configure automatic locking after a brief period of inactivity so a phone left by the pool does not stay unlocked.

When you are approaching international borders, consider temporarily disabling biometrics so that unlocking your device requires a passcode instead of a fingerprint or facial scan. 1Password’s Travel Mode can again help by ensuring that the most sensitive client vaults are not present on the device at all if a border search occurs. If agents request access, clearly state that the device contains privileged material and that you are an attorney, in line with guidance that privilege should trigger additional care. These steps show you are actively trying to protect client confidentiality, not ignoring the issue.

Two-Factor Authentication and Account Hygiene on Holiday

Account compromise can ruin a vacation as quickly as a lost suitcase. Enable two‑factor authentication (2FA) on your critical accounts—email, practice management, document repositories, and your password manager—before you leave. App‑based authenticators and hardware keys are generally more reliable and secure than SMS codes, especially when you are roaming internationally or in areas with spotty service.

Review account recovery options in advance so that a locked‑out account does not turn into an emergency while you are halfway around the world. Monitor sign‑in alerts from your major accounts during and after the trip so you can quickly respond to any unfamiliar activity. This sort of “account hygiene” supports your duties of competence and confidentiality and gives you practical peace of mind while you try to enjoy some downtime.

A Simple Summer Travel Checklist for Lawyers

For lawyers with limited to moderate tech skills, the key is a repeatable routine rather than a complex security project. A short checklist before each summer trip can go a long way:

Every Traveling Lawyer should use a Pre-Trip Security Checklist!

  • Backup all devices, apply pending updates, and confirm full‑disk encryption is enabled.

  • Clean your devices by removing non‑essential client data and logging out of unused accounts.

  • Configure your password manager, mark travel‑safe vaults, and turn on Travel Mode if available.

  • Install and test your VPN, and verify you know how to enable your phone’s hotspot.

  • Confirm 2FA works from where you will be, especially if traveling abroad.

This checklist supports the ABA’s technology competence expectations and makes your vacations less stressful because you are not improvising security on hotel Wi‑Fi at midnight. It respects the reality that today’s lawyers must often take their work—and their devices—with them, while still honoring their core obligations to clients.

Summer is supposed to be restorative. With a bit of planning, smart use of tools like VPNs and 1Password’s Travel Mode, and an eye on your Model Rule duties, you can protect client data and your own peace of mind at the same time. 🌴🔐

Save Travels!!! 🌴💼✈️

MTC

🎙️ TSL.P Ep. #135: Ethical AI, Paperless Practice, and Smart Hardware Choices with ABA LTRC Chair Alan Klevan ⚖️🤖

/ The Tech-Savvy Lawyer.Page/

My next guest is Alan Klevan, a veteran personal injury lawyer and Chair of the ABA Law Practice Division’s Legal Technology Resource Center (LTRC), known for running one of the first paperless practices in New England and for his clear-eyed approach to AI in law. In this live episode recorded at the ABA Spring Conference in San Diego, Alan and I dig into how solos and small firms can use AI, case management platforms, hardware, and workflows to practice more efficiently while honoring their ethical duties and protecting client confidentiality.

Join Alan Klevan and me as we discuss the following three questions and more!

  • What are the top three ways Alan uses AI and other tech tools to control discovery and document management at scale, protect client confidentiality, and communicate complex case progress to clients who only care that it is accurate and on time?

  • As Chair of the ABA Law Practice Division’s Legal Technology Resource Center, what top three technology practices does Alan wish every small or solo lawyer would adopt in the next 12 months?

  • What were the three most important technology decisions Alan made early in his career around paperless workflows, practice management, automation, and AI‑powered research—and how can today’s practitioners follow that lead?

In our conversation, we covered the following:

  • [00:00:00] Live from the ABA Spring Conference in San Diego, introducing Alan Klevan and the setting of the conversation 🌴

  • [00:00:30] Alan’s mirrored bi‑state setup: two Lenovo i7 laptops in Massachusetts and Florida, dual 24" HP HD monitors, two ScanSnap iX1600 scanners, laser printers, and Microsoft OneDrive syncing between offices 💻📠

  • [00:01:10] Traveling with a third “road warrior” Lenovo laptop, iPhone as primary smart device, and using the reMarkable 2 tablet for handwritten notes that sync into client and ABA files ✍️

  • [00:01:45] Early impressions of the Plaud (AI wearable) device, background-noise muting, and why Alan limits it to non‑critical meetings due to privilege concerns 🎧

  • [00:02:20] Judicial skepticism about AI recording tools in court; motion practice, privilege issues, and a New York judge flatly banning AI recorders in the courtroom 🚫

  • [00:03:10] AI hallucinations in legal practice, roughly 1,300 known hallucination incidents, and why the real problem is lawyers not checking citations—highlighted by a recent Oregon sanctions case 💸

  • [00:04:00] The Oregon lawyer who tried to “fix” hallucinated citations with a motion to refile instead of candor to the court and opposing counsel, and how that became a fraud‑on‑the‑court issue under the Oregon Rules of Professional Responsibility

  • [00:04:45] Using Google Scholar as an AI‑prompting “hack” to verify every citation and case suggested by AI tools 🔍

  • [00:05:20] Question 1 restated: top three ways Alan uses AI and tech to (1) control discovery, (2) protect confidentiality and ethical duties, and (3) communicate complex case progress to clients

  • [00:05:45] Drafting AI and social media policies directly into contingency‑fee agreements so clients do not post about their case or use open‑source AI on case‑related issues 📜

  • [00:06:30] Hepner and Warner: open‑source vs enterprise AI, attorney–client privilege, work product concerns, and emerging discoverability questions for public‑facing AI platforms

  • [00:07:20] Trap for the unwary: why Alan insists clients notify him before using AI on their case and why he prefers enterprise versions of AI for better protection and governance 🧠

  • [00:08:10] The Nippon Life Insurance case: client uploads attorney communications into ChatGPT, asks if her lawyer is gaslighting her, then files 44 AI‑drafted motions—raising product liability and disclaimer questions for AI vendors 🏛️

  • [00:09:30] Court pushback on AI disclaimer language, defective product theories, and the infancy of AI‑related legal liability

  • [00:10:10] Alan’s big personal‑injury “Aaron Brockovich‑type” case with a deep‑pocket defendant and using AI to level the playing field on litigation management and motion practice ⚖️

  • [00:11:00] Feeding facts, parties, defense counsel names, and pleadings into a case management system with a built‑in, highly accurate legal AI component (VL) and generating 50‑state case research for negligent infliction of emotional distress claims 📂

  • [00:12:00] Running the same matter through two AI platforms (case management AI and Claude) to compare outputs, reduce hallucination risk, and mold responses to Alan’s writing style and Massachusetts practice

  • [00:13:00] Using Claude (enterprise tier) to draft an opposition to a motion to dismiss seven emotional‑distress claims, followed by manual review and cross‑checking in the case management AI—leading to the defendant’s motion being denied ✅

  • [00:14:15] Alan’s process for verifying AI outputs: second set of “AI eyes,” Google Scholar citation checks, and lawyer‑level review of every filing

  • [00:15:00] Advice for new attorneys: try AI platforms before buying, choose a tool that fits your workflow, avoid shiny‑object syndrome, and do not over‑commit to annual plans while the market is moving fast 🧩

  • [00:16:00] Michael’s caution about yearly plans, vendor lock‑in, and ensuring your data is nimble enough to move between AI platforms without costly migrations

  • [00:16:45] Alan’s rule: do not chase every AI; become a master of one platform, learn it deeply, and resist the temptation to constantly switch 🧠

  • [00:17:10] Both hosts stress “review, review, review”—AI as a law librarian or 3L intern, not as your practicing lawyer, and the concept that AI does not have a JD 🎓

  • [00:18:00] Anecdote from 1990: Alan is sent to court unprepared, gets sent out of the courtroom to learn his file, and how that story frames his modern view of AI oversight and responsibility

  • [00:19:10] Question 2: as LTRC Chair, Alan’s top three technology practices every small or solo lawyer should adopt in the next 12 months

  • [00:19:30] Tech Practice #1: invest in a fast machine (Windows or Mac) with as much RAM and storage as you can reasonably afford, and strip the “crapware” off box‑store Windows machines 🖥️

  • [00:20:10] Discussion of Apple vs Windows pricing, the need for more than 16 GB of RAM, multi‑core processors, and why Alan buys Lenovo laptops with 32 GB RAM and expects 3–4 year laptop lifespans 💾

  • [00:21:30] Backups and storage: redundant cloud backups, redundant hard drives, using external 5 TB drives from Staples, and keeping active machines “clean” for better AI performance

  • [00:22:30] Tech Practice #2: immerse yourself in what is happening with AI and law practice, become a master of one AI platform, and continuously read ethics and disciplinary decisions about AI use 📚

  • [00:23:15] Tech Practice #3: your head is your most important piece of technology—using judgment, stepping back to assess risks, and making sure anything submitted to court or client is accurate

  • [00:24:00] Economic access, hardware costs, and why Alan still believes lower‑resource attorneys can get workable hardware by being strategic about purchases, specs, and lifecycles

  • [00:25:10] Michael’s storage philosophy: lots of local SSD, multiple backups, and revisiting older briefs and arguments (e.g., mailbox‑rule analysis) to build new work more efficiently

  • [00:26:10] Disk space versus backup strategy, internal vs external drives, cloud vs local files, and disaster recovery considerations

  • [00:27:20] Question 3: top three early technology decisions Alan made around paperless practice, automation, and AI‑powered research

  • [00:27:40] Answer #1: going fully paperless in 2005—the first paperless practice in New England—and eliminating almost all postage costs by sending encrypted electronic communications and demand packages ✉️

  • [00:28:15] Answer #2: becoming a power‑user of Adobe Acrobat and PDF workflows so he can respond to massive production requests (e.g., 10,000 pages) in seconds instead of hours 📑

  • [00:29:00] Answer #3: adopting case management platforms with AI‑driven workflows that automatically assemble record requests, HIPAA authorizations, and certifications for medical providers

  • [00:29:45] Dusty hardware: why Alan’s printer and ScanSnap are seeing less use, yet scanners remain necessary for partners who still prefer paper and non‑electronic delivery 🖨️

  • [00:30:20] Michael’s own shrinking paper consumption, stamps.com, and transitioning to PDF‑based workflows with secure electronic delivery

  • [00:31:00] Adobe Acrobat as “gold standard” for lawyers, why every attorney must understand PDFs deeply, and Alan’s “learn it, love it, live it” mantra 📄

  • [00:31:40] Bonus segment: what the ABA Legal Technology Resource Center (LTRC) is, its role as a “delivery board,” and how it serves both the Law Practice Division and the broader ABA membership 🏛️

  • [00:32:20] LTRC’s four pillars of law practice management—marketing, technology, practice, and finance—and how it delivers content via Law Technology Today, webinars, podcasts, and roundtables

  • [00:33:10] 2024–25 LTRC theme: AI‑centric content from intake through trial, and why Alan believes LTRC may become the ABA’s most important board for practitioners navigating AI

  • [00:34:00] Using AI for law‑firm marketing, content creation, case‑law recaps, and SEO—along with warnings about legal advice, PII, and AI‑generated “SEO articles” that sound inauthentic

  • [00:35:00] Call to action: join the ABA Law Practice Division and LTRC, become one of roughly 30 tech‑focused thought leaders, and help shape AI guidance for the profession 🙌

  • [00:36:00] Where to find Alan: why he is minimizing social presence during a major move and high‑stakes case, and the best way to reach him on LinkedIn

Hardware mentioned in the conversation

Software & cloud services mentioned

TSL Labs 🧪 Bonus: Deep Dive on our April 27, 2026, Editorial, MTC: Smart Recording, Client Secrets, and HeyPocket: What Every Lawyer Needs to Know in 2026 📱⚖️

/ The Tech-Savvy Lawyer.Page/

📌 To Busy to Read This Week’s Editorial?

Join us for an AI-powered deep dive into the ethical challenges facing legal professionals in the age of generative AI. 🤖 In this episode, we unpack how AI note takers and “always-listening” devices can quietly route client secrets to third-party vendors, why that matters under the ABA Model Rules, and how a 2026 federal decision out of the Southern District of New York turned one defendant’s AI chats into discoverable evidence. Whether you are a solo practitioner, in-house counsel, or a tech-curious professional in another field, this conversation will help you balance convenience with confidentiality and avoid turning your favorite AI assistant into your biggest evidentiary risk.

👉 Before your next client meeting, listen to this episode, check out our editorial, and run your current AI tools through the checklist we outline—then subscribe and share with a colleague who is still “just trusting the app.” 🎧

In our conversation, we cover the following:

  • 00:00 – The “ambient microphone” problem: phones, smart speakers, wearables, and connected cars as a continuous surveillance layer around client conversations.

  • 01:00 – How technology competence has shifted from locking file cabinets to understanding data custody, cloud routing, and API-driven services.

  • 02:30 – What makes AI note takers like HeyPocket different from passive telemetry and why capturing the spoken “payload” changes the threat model.

  • 04:00 – The invisible “third party in the room”: routing privileged audio through external AI models and the malpractice risk of default “Allow” clicks.

  • 05:30 – Applying ABA Model Rules 1.1 and 1.6 to AI workflows: competence, confidentiality, and “reasonable efforts” in a world of automated transcription.

  • 07:00 – Risk-based analysis from ABA Formal Opinions 477R and 498: weighing sensitivity, likelihood of disclosure, and available safeguards before using AI.

  • 08:30 – Why secretly recording clients or opponents with AI tools can implicate Rule 8.4(c), even in one‑party consent jurisdictions.

  • 10:00 – Inside United States v. Heppner (SDNY 2026): how public generative AI platforms destroyed privilege and work-product protections for a criminal defendant.

  • 12:00 – How AI training and tokenization work, why “military‑grade encryption” does not save privilege if terms of service allow internal data use.

  • 14:00 – Treating every AI note taker like an outsourced e‑discovery vendor: NDAs, retention policies, security audits, and data destruction timelines.

  • 16:00 – Practical minimization strategies: defaulting to no recording, segmenting AI-generated content by matter, and restricting access via role‑based controls.

  • 17:30 – Establishing bright-line “no‑AI” categories (criminal defense, internal investigations, sensitive family/immigration, high‑value trade secrets).

  • 18:30 – Counseling clients not to “prep their case” with public chatbots after Heppner and why this is now part of competent representation.

  • 19:30 – Building a simple vendor-vetting checklist for law firms and professional practices adopting AI note takers.

  • 20:00 – Looking ahead: when failure to use secure, vetted AI may itself become a competence issue due to inefficiency and overbilling.

  • 21:00 – Rethinking privilege in a world where an algorithmic “third party” is always in the room and devices are never truly off

RESOURCES

Mentioned in the episode

MTC: Hidden AI, GEO, and the ABA Model Rules: What Every Lawyer Needs to Know Before Their Next Client Finds Them Online ⚖️🤖

/ The Tech-Savvy Lawyer.Page/

Generative AI is already talking about you, your law firm, and your practice area—even if you have never opened ChatGPT. 😳 Clients ask AI tools legal questions in natural language, and those systems answer by pulling from whatever content they trust online. For lawyers, that raises two intertwined issues: “hidden AI” inside everyday tools and the rise of Generative Engine Optimization (GEO). Together, they sit squarely in the path of your duties under the ABA Model Rules.

Legal Ethics Meets GEO and Hidden AI!

Hidden AI is everywhere in modern law practice tools. Microsoft 365 suggests text, summarizes long email threads, and drafts documents. Zoom transcribes and sometimes “enhances” meetings. Practice‑management platforms now market AI assistants that review documents, summarize matters, and even suggest next steps. Much of this AI runs quietly in the background, so it is easy to forget it exists—or to assume it is “just another feature.” Yet under ABA Model Rule 1.1, technological competence now includes understanding the benefits and risks of the technology you choose for your clients’ work. You cannot competently supervise what you do not even realize is there.

At the same time, AI tools sit on the front end of client development. When a potential client types, “How does a New Jersey divorce work and when should I hire a lawyer?” into an AI chatbot, that system gives an answer based on content it considers reliable. GEO—Generative Engine Optimization—is about making your content understandable, quotable, and safe for those systems to lift into the response. Where SEO asks, “How do I rank in Google’s blue links?”, GEO asks, “How do I become the answer AI gives when someone in my jurisdiction asks a real client question?” 🧠

Where the ABA Model Rules Fit

GEO and hidden AI are not just marketing trends; they are ethics issues.

  • Model Rule 1.1 (Competence). Comment 8 extends competence to relevant technology. ABA guidance on AI (including Formal Opinion 512) explains that lawyers must understand how AI tools work in broad strokes, their limitations, and their failure modes. If you expect clients to find you through AI‑generated answers, you should know what those systems are likely to say about your area of law and how your own content feeds into that ecosystem. ⚖️

  • Model Rule 1.6 (Confidentiality). You do not need to paste client facts into AI tools to do GEO. Good GEO content relies on hypotheticals and public law, not on confidential stories. But when you use AI inside Word, your practice platform, or a browser‑based assistant, you must know where the data goes, whether it is used for training, and whether additional client consent or stronger safeguards are required. 🔐

  • Model Rule 1.4 (Communication). When AI tools materially affect how you handle a matter—such as drafting, research, or review—you may need to explain that to clients in clear, non‑technical terms. In marketing, that same communication duty supports honest disclaimers: your GEO‑optimized articles must state that they are general information, not legal advice, and that AI summaries of your content are no substitute for a direct attorney‑client consultation.

  • Model Rules 7.1–7.3 (Advertising and Solicitation). GEO content must still be truthful and non‑misleading. You cannot let AI‑targeted content slide into promises of “guaranteed results” or vague claims of being “the best.” The fact that you are writing for AI as well as humans does not relax your duties under the advertising rules—it amplifies them, because misstatements can get replicated and amplified by AI tools. 📢

Handled thoughtfully, GEO can actually help you satisfy these rules. It encourages you to publish accurate, current, and jurisdiction‑specific explanations that educate the public and reduce confusion. Done poorly, it can push you into ethically dangerous territory where AI retells your overbroad claims to countless readers you never see.

What Is “Hidden AI” in Law Practice?

How AI Shapes Legal Ethics and Client Discovery

For many lawyers with limited or moderate tech skills, the biggest risk is not exotic AI research—it is quiet defaults.

Examples:

  • Word processors that turn on AI‑assisted drafting by default.

  • Email services that summarize conversations using third‑party models.

  • Cloud DMS, i.e., a cloud-based document management system, or practice platforms that offer “smart” suggestions based on client documents.

These tools can be legitimate productivity boosts, but under Rules 1.1 and 1.6, you must understand enough about them to decide when and how to use them. That includes asking:

  • Does this feature send client content to an external provider?

  • Is that provider training on my data?

  • Can I turn that training off?

  • Is there a business or enterprise version with better confidentiality terms?

You do not need to become a software engineer. You do need to know the basic data‑flow story well enough to make an informed risk judgment and to explain that judgment if a client or disciplinary authority asks. 🙋‍♀️

Moving from SEO to GEO—Ethically

Traditional SEO still matters. You still want clear titles, descriptive meta tags, fast and mobile‑friendly pages, and basic schema markup so search engines can understand your site. GEO builds on that foundation and asks you to go one step further: write in a way that large language models can safely quote.

GEO‑friendly legal content usually has:

✅   An answer‑first summary at the top: a short, plain‑English overview of the main question.

✅   Strong jurisdiction signals: repeated references to the state, province, or country, relevant courts, and applicable statutes.

✅   Specific client questions: headings written in the same conversational style clients use (“How long do I have to sue after a car accident in Ohio?”).

✅   Trust signals: bylines, credentials, bar memberships, links to statutes and court sites, and recent update dates.

For example, if you serve veterans in disability benefits work, your GEO page might be titled “How VA Disability Claims Work for [Your State] Veterans” and open with a five‑sentence, answer‑first summary in plain English. You would clearly note that you practice in specific jurisdictions, link to the VA and governing statutes, and spell out when someone should seek legal counsel. An AI system looking for a safe, jurisdiction‑clear answer is more likely to treat that content as a reliable source.

From an ethics standpoint, this structure helps you:

  • Stay in your lane (Rule 1.1) by emphasizing your actual jurisdiction and practice scope.

  • Provide accurate, non‑misleading information (Rules 7.1–7.3).

  • Communicate clearly about what your content is—and is not (Rule 1.4).

Practical First Steps for Non‑Techy Lawyers

You do not need to rebuild your entire site this week. A focused, incremental approach works well, especially if you are still building your tech confidence. Here is a practical sequence that maintains compliance with the Model Rules:

Legal Ethics Meets GEO and Hidden AI

  1. Audit your “hidden AI.” With your IT provider or vendor reps, identify where AI is already in use in your stack: Microsoft 365, Google Workspace, Zoom, your case‑management system, research tools, and any browser extensions. Turn off any features you cannot yet explain to yourself in basic terms. 🛠️

  2. Pick one practice area to GEO‑optimize. Choose the area that drives most of your matters. List the 10 most common client questions you actually hear. Those are the headings for your first GEO page.

  3. Write answer‑first, jurisdiction‑specific content. Use short paragraphs and plain language, and embed jurisdiction cues and citations to official sources. Include clear disclaimers about general information, no legal advice, and the need for a consultation.

  4. Refresh and expand over time. Revisit that page whenever law or practice changes, add FAQs, and link related posts. This keeps content current for both search engines and AI tools.

  5. Document your choices. If you decide to use specific AI tools in drafting content or in client work, note your reasoning: confidentiality safeguards, vendor terms, and how you supervise outputs. This helps show that you approached AI use thoughtfully under Rules 1.1, 1.4, 1.6, 5.1, and 5.3. 📚

The core message is simple: you do not have to master every technical detail to be a tech‑savvy lawyer, but you do have to stop pretending that AI is optional. Your clients are already using it; your vendors are already embedding it; and AI systems are already shaping how clients find you. Taking a deliberate, ethics‑aware approach to hidden AI and GEO is no longer extra credit—it is part of protecting your clients, your reputation, and your license. 🚀⚖️

MTC

TSL.P Labs 🧪 Initiative: Why 96% AI Accuracy Still Fails Lawyers: Ethics, Hallucinations, and the Future of the Billable Hour ⚖️🤖

/ The Tech-Savvy Lawyer.Page/

📌 To Busy to Read This Week’s Editorial?

Welcome to the TSL Lab’s Initiative. 🤖 This weeks episode builds on my March 3rd, 2026, editorial “Even Though AI Hallucinations Are Down: Lawyers STILL MUST Verify AI, Guard PII, and Follow ABA Ethics Rules ⚖️🤖” is a misleading comfort blanket for lawyers, and how ABA Model Rules on confidentiality, competence, diligence, candor, supervision, and client communication must govern every AI prompt you run. Our Google LLM Notebook hosts translate the theory into practical workflows you can implement today—from document grounding and tokenization to vendor due diligence and line‑by‑line verification—so you can leverage AI confidently without sacrificing ethics, privilege, or your professional license.

You will hear how document grounding changes what LLMs actually do, why uploading active case files to cloud AI tools can quietly trigger Rule 1.6 problems, and how cross‑border data flows, vendor training rights, and retention policies can erode privilege if you do not negotiate them carefully. 🔐 We also unpack practical safeguards like tokenization, internal sandbox testing, and bright‑line “danger zones” where AI must never operate unsupervised—especially on open‑ended research, choice of law, and any task that turns statistical text into real‑world legal risk.

Finally, we confront the economic paradox: when AI can compress 100 hours of document review into seconds, but partners must still verify every line to protect their licenses, what exactly are clients paying for—and how does the billable hour survive? 💼

In our conversation, we cover the following

  • 00:00 – Why “96% fewer hallucinations” is still not good enough in law ⚖️

  • 01:00 – How the remaining 4% error rate can trigger malpractice, sanctions, and ethics violations

  • 02:00 – From IT issue to ethics issue: ABA Model Rules as the real constraint on AI adoption

  • 03:00 – Document grounding 101: turning a free‑floating LLM into a reading‑comprehension engine

  • 04:00 – The hidden danger of “just upload the file”: how Rule 1.6 confidentiality is instantly implicated

  • 05:00 – Cloud AI architecture, cross‑border data transfers, GDPR, and privilege risk 🌐

  • 06:00 – Model training nightmares: when your client’s trade secrets leak back out through someone else’s prompt

  • 07:00 – Negotiating no‑training clauses and ring‑fencing vendor data use (before you upload anything)

  • 08:00 – Tokenization explained: turning John Doe into “Plaintiff 01” without losing legal meaning 🔐

  • 09:00 – What AI does well today: grounded summarization, clause extraction, and playbook‑based redlines

  • 10:00 – The “danger zone” of tasks: open‑ended research, choice of law, and abstract legal reasoning

  • 11:00 – Phantom case law: how LLMs manufacture perfect‑looking but fake citations (and Rule 3.3 candor)

  • 12:00 – Sandboxing AI tools internally and measuring real‑world failure rates against known outcomes 🧪

  • 13:00 – Building bright‑line firm policies around forbidden AI use cases

  • 14:00 – Verification as a workflow, not a suggestion: what Model Rules 5.1 and 5.3 demand from supervisors

  • 15:00 – The efficiency paradox: when partner‑level verification erases associate‑level time savings ⏱️

  • 16:00 – Making AI verification as routine as a conflict check in your practice

  • 17:00 – Falling hallucination rates, rising risk: why better AI can still make lawyers more vulnerable

  • 18:00 – Client communication under Rule 1.4: when and why clients may be entitled to know you used AI

  • 19:00 – “You can delegate the task, not the liability”: Rule 1.2 and ultimate responsibility for AI‑assisted work

  • 20:00 – Treating every AI prompt and ToS as a potential ethics document

  • 📝21:00 – The existential question: if AI drafts in seconds, what exactly are clients paying lawyers for?

👉 Tune in now to learn how to stay tech‑forward without becoming the next ethics cautionary tale, and start designing AI policies that actually protect your clients, your firm, and your bar license.

⭐ First Five-Star Amazon Review for “The Lawyer’s Guide to Podcasting” – Why Tech-Savvy Lawyers Should Care About ABA Ethics, Client Trust, and Smart Marketing 🎙️⚖️

/ The Tech-Savvy Lawyer.Page/

“The Lawyer’s Guide to Podcasting” by your favorite blogger/podcaster just earned its first five-star Amazon review, and it’s a milestone worth your attention. 🎉📘 The reviewer highlights what many of us in legal tech have been saying: podcasting is no longer a fringe hobby; it is a strategic, ethics-aware marketing channel for modern law practice. 🎙️

For lawyers with limited to moderate tech skills, this book demystifies microphones, workflows, and publishing tools without assuming you want to become an engineer. Instead, it walks you through practical steps to share your expertise in a format today’s clients already trust—long-form, authentic audio. 🔊

From a professional responsibility perspective, the guidance aligns with ABA Model Rule 1.1 on technology competence and Model Rule 1.6 on confidentiality by emphasizing the use of secure platforms, thoughtful content planning, and careful handling of client-identifying details. The book reinforces that podcasting can showcase your substantive knowledge while staying within the guardrails of Model Rule 7.1, avoiding misleading claims about your services. ⚖️

QR Code for Amazon book link

The first five-star review underlines two themes: listeners want real conversations, and they quickly recognize when a lawyer respects both the audience’s time and the profession’s ethical duties. That is exactly the posture this book encourages—credible, compliant, and client-centered. 🌟

If you are ready to build authority, differentiate your practice, and satisfy your tech-competence obligations without drowning in jargon, now is the perfect time to get your copy of “The Lawyer’s Guide to Podcasting” on Amazon and start planning your first ethically sound episode. 🚀

🎙️ Ep. #131, Supercharging Litigation With AI: How StrongSuit Helps Lawyers Transform Research, Doc Review, and Drafting 💼⚖️

/ The Tech-Savvy Lawyer.Page/

My next guest is Justin McCallan, founder of StrongSuit, an AI-powered litigation platform built to transform how litigators handle legal research, document review, and drafting while keeping lawyers firmly in control. In this episode, Justin and I dig into practical, real-world workflows that solos, small firms, and big-firm litigators can use today and over the next few years to change the economics, pace, and strategy of litigation—without sacrificing accuracy, ethics, or the quality of advocacy.

Join Justin and me as we discuss the following three questions and more!

  1. What are the top three ways litigators should be using AI tools like StrongSuit right now to change the economics and pace of litigation without sacrificing accuracy, ethics, or quality of advocacy?

  2. What are the top three mistakes lawyers make when adopting AI for litigation, and what practical workflows help lawyers stay in the loop and use AI as a force multiplier instead of a risk? 

  3. Looking ahead to 2026 and beyond, what are the top three AI-driven workflows every litigator should master to stay competitive, and how can platforms like StrongSuit help build those capabilities into day-to-day practice? 

In our conversation, we cover the following

  • 00:00 – Welcome and guest introduction

    • Justin joins the show and shares his current tech setup at his desk. 

  • 00:00–01:00 – Justin’s current tech stack

    • Lenovo laptop, ultra-wide monitor, and regular use of StrongSuit, ChatGPT, and Gemini for different AI tasks.

    • Everyday tools: Microsoft Word and Power BI for analytics and fast decision-making.

  • 01:00–02:00 – Android vs. iPhone for AI use

    • Why Justin has been on Android for 17 years and how UI/UX familiarity often drives device choice more than AI capability.

  • 02:00–05:30 – Q1: Top three ways litigators should be using AI right now

    • Using AI for end-to-end legal research across 11 million precedential U.S. cases to build litigation outlines and identify key authorities.

    • Scaling document review so AI surfaces relevant documents and synthesizes insights while lawyers focus on strategy and judgment.

    • Leveraging AI for drafting and editing—improving style, clarity, and consistency beyond traditional spelling and grammar checks.

  • 05:30–07:30 – StrongSuit vs. basic tools like Word grammar check

    • How StrongSuit aims to “up-level” a lawyer’s writing, not just catch typos.

    • Stylistic improvements, clarity enhancements, and catching subtle inconsistencies in legal documents.

  • 06:00–08:00 – AI context limits and scaling doc review

    • Constraints of large models’ context windows (around ~1M tokens ≈ ~750 pages).

    • How StrongSuit runs multiple AI agents in parallel, each handling small page sets with heuristics to maintain cohesion and share insights.

  • 08:00–09:00 – Handling tens of thousands of documents

    • How StrongSuit can handle between roughly 10,000–50,000 pages at a time, with the ability to scale further for enterprise matters.

  • 09:00–11:30 – Origin story of StrongSuit

    • Why Justin saw a once-in-a-generation opportunity when large language models emerged and how law, with its precedent and text-heavy nature, is especially suited to AI.

    • StrongSuit’s focus on litigators: supporting lawyers from intake through trial while keeping them in the loop at every step.

  • 11:30–13:30 – From intake to brief drafting in minutes

    • Generating full litigation outlines, research, and analysis in about ten minutes, then moving directly into drafting memos, briefs, complaints, and motions.

    • StrongSuit’s long-term goal: automating 50–99% of major litigation workflows by the end of 2026 while preserving lawyer control and judgment.

  • 12:00–14:30 – How StrongSuit tackles hallucinations

    • Building a full database of all precedential U.S. cases enriched with metadata: parties, summaries, holdings, and more.

    • Validating citations by checking whether the Bluebook citation actually exists in StrongSuit’s case database before surfacing it to the user.

    • Why lawyers should still review cases on-platform before filing, even when AI has filtered out hallucinations.

  • 14:30–16:30 – Coverage and jurisdictions

    • Coverage of all U.S. jurisdictions, federal and state, focused on precedential cases.

    • Handling most regulations from administrative agencies, and limits around local ordinances.

    • Uploading your own case files and using complaints and prior research as inputs into StrongSuit workflows.

  • 15:00–17:00 – Security and confidentiality for litigators

    • SOC 2 compliance and industry-standard encryption at rest and in transit.

    • No model training on user data.

    • Optional end-to-end encryption that can even prevent developers from accessing case content, using local encryption keys.

  • 16:30–20:30 – Q2: Top mistakes lawyers make when adopting AI for litigation

    • Mistake #1: Talking about AI instead of diving in with structured experiments and sanitized documents.

    • Using a framework to identify high-impact tasks: high volume, repetitive work, and heavy data/analysis (e.g., doc review, research, contract drafting).

    • How to shortlist tools: look for SOC 2, real product depth, awards, and a focus on your specific workflows.

    • Mistake #2: Expecting immediate mastery instead of moving through predictable adoption stages—from learning the tool, to daily use, to stringing workflows together.

  • 20:30–22:30 – Building firm-wide AI workflows over time

    • Moving from isolated experiments to integrated, low-friction workflows, such as automatic intake-to-research pipelines.

    • Using client intake audio or transcripts to automatically extract facts, issues, and research paths.

  • 22:30–24:30 – Time constraints and “no-time” lawyers

    • Why lawyers don’t need to be “technical” to use StrongSuit.

    • Reframing AI as text-based tools where lawyers’ writing skills and analytical thinking are assets, not obstacles. 

  • 24:00–26:00 – Practical workflows beyond intake

    • Using AI to prepare for expert depositions, including reviewing valuation analyses, flagging departures from market consensus, and generating targeted questions.

    • Reinforcing the value of AI-enhanced legal research and drafting as core litigation workflows.

  • 26:00–29:30 – Q3: 2026 and beyond – AI-driven workflows every litigator should master

    • Rapid improvement of baseline models (e.g., jumping from single-digit to high double-digit performance on difficult benchmarks year over year). 

    • The idea of “tipping points,” where small performance gains turn AI from marginally useful to essential in specific tasks.

    • Why legal research is a great training ground for understanding where AI excels, where it falls short, and how to divide labor between human and machine.

    • The value of learning basic prompting skills to get more from AI systems, even when platforms offer visual workflows.

  • 29:30–32:30 – Will workflows actually change—or just get better?

    • Why Justin expects familiar litigation workflows (doc review, research, drafting) to remain structurally similar, but become far faster and more sophisticated.

    • AI agents handling the grind work while lawyers focus on synthesis, judgment, and strategy.

    • A future where “AI + lawyer vs. AI + lawyer” resembles high-level chess: same rules, but much deeper thinking on both sides.

  • 32:30–End – Where to find Justin and StrongSuit

    • How to connect with Justin and learn more about StrongSuit’s litigation tools.

Resources

Connect with Justin

Hardware mentioned in the conversation

Software & Cloud Services mentioned in the conversation

TSL.P Labs 🧪: Legal Tech Wars, Client Data, and Your Law License: An AI-Powered Ethics Deep Dive ⚖️🤖

/ The Tech-Savvy Lawyer.Page/

📌 To Busy to Read This Week’s Editorial?

Join us for an AI-powered deep dive into the ethical challenges facing legal professionals in the age of generative AI. 🤖 In this Tech-Savvy Lawyer Page Labs Initiative episode, AI co-hosts walk through how high‑profile “legal tech wars” between practice‑management vendors and AI research startups can push your client data into the litigation spotlight and create real ethics exposure under ABA Model Rules 1.1, 1.6, and 5.3.

We’ll explore what happens when core platforms face federal lawsuits, why discovery and forensic audits can put confidential matters in front of third parties, and how API lockdowns, stalled product roadmaps, and forced sales can grind your practice operations to a halt. More importantly, you’ll get a clear five‑step action plan—inventorying your tech stack, confirming data‑export rights, mapping backup providers, documenting diligence, and communicating with clients—that works even if you consider yourself “moderately tech‑savvy” at best.

Whether you’re a solo, a small‑firm practitioner, in‑house, or simply AI‑curious, this conversation will help you evaluate whether you are the supervisor of your legal tech—or its hostage. 🔐

👉 Listen now and decide: are you supervising your legal tech—or are you its hostage?

In our conversation, we cover the following

  • 00:00:00 – Setting the stage: Legal tech wars, “Godzilla vs. Kong,” and why vendor lawsuits are not just Silicon Valley drama for spectators.

  • 00:01:00 – Introducing the Tech-Savvy Lawyer Page Labs Initiative and the use of AI-generated discussions to stress-test legal tech ethics in real-world scenarios.

  • 00:02:00 – Who’s fighting and why it matters: Clio as the “nervous system” of many firms versus Alexi as the “brainy intern” of AI legal research.

  • 00:03:00 – The client data crossfire: How disputes over data access and training AI tools turn your routine practice data into high-stakes litigation evidence.

  • 00:04:00 – Allegations in the Clio–Alexi dispute, from improper data access to claims of anti-competitive gatekeeping of legal industry data.

  • 00:05:00 – Visualizing risk: Client files as sandcastles on a shelled beach and why this reframes vendor fights as ethics issues, not IT gossip.

  • 00:06:00 – ABA Model Rule 1.1 (Competence): What “technology competence” really entails and why ignorance of vendor instability is no longer defensible.

  • 00:07:00 – Continuity planning as competence: Injunctions, frozen servers, vendor shutdowns, and how missed deadlines can become malpractice.

  • 00:08:00 – ABA Model Rule 1.6 (Confidentiality): The “danger zone” of treating the cloud like a bank vault and misunderstanding who really holds the key.

  • 00:09:00 – Discovery risk explained: Forensic audits, third‑party access, protective orders that fail, and the cascading impact on client secrets.

  • 00:10:00 – Data‑export rights as your “escape hatch”: Why “usable formats” (CSV, PDF) matter more than bare contractual promises.

  • 00:11:00 – Practical homework: Testing whether you can actually export your case list today, not during a crisis.

  • 00:12:00 – ABA Model Rule 5.3 (Supervision): Treating software vendors like non‑lawyer assistants you actively supervise rather than passive utilities.

  • 00:13:00 – Asking better questions: Uptime, security posture, and whether your vendor is using your data in its own defense.

  • 00:14:00 – Operational friction: Rising subscription costs, API lockdowns, broken integrations, and the return of manual copy‑pasting.

  • 00:15:00 – Vaporware and stalled product roadmaps: How litigation diverts engineering resources away from features you are counting on.

  • 00:16:00 – Forced sales and 30‑day shutdown notices: Data‑migration nightmares under pressure and why waiting is the riskiest strategy.

  • 00:17:00 – The five‑step moderate‑tech action plan: Inventory dependencies, review contracts, map contingencies, document diligence, and communicate with nuance.

  • 00:18:00 – Turning risk management into a client‑facing strength and part of your value story in pitches and ongoing relationships.

  • 00:19:00 – Reframing legal tech tools as members of your legal team rather than invisible utilities.

  • 00:20:00 – “Supervisor or hostage?”: The closing challenge to check your contracts, your data‑export rights, and your practical ability to “fire” a vendor.

Resources

Mentioned in the episode

Software & Cloud Services mentioned in the conversation

#LegalTech #AIinLaw #LegalEthics #Cybersecurity #LawPracticeManagement