Reading ABA Formal Opinion 512 is the easy part. The harder question comes five minutes later, when a managing partner, ethics counsel, or legal operations leader asks what the firm can actually produce if a client, carrier, court, or disciplinary investigator wants to know how generative AI was approved, supervised, and verified.
That is the useful way to read ABA Formal Opinion 512. It is not binding law, and it does not replace state rules, court orders, standing orders, or client-specific outside counsel guidelines. But since the ABA Standing Committee on Ethics and Professional Responsibility issued it on July 29, 2024, the opinion has functioned as a national ethics baseline for generative AI use in legal practice because it organizes the problem around duties lawyers already recognize: competence, confidentiality, communication, fees, supervision, and candor to tribunals.[1] It belongs in the regulatory-tracker lane: a maintained ethics-and-obligations reference, not legal advice and not a vendor adoption guide.

For a firm, the practical issue is not whether someone can quote the opinion. It is whether the firm has a dated, source-linked, role-owned record showing which tools may be used, what information may be entered, who reviewed the vendor, what training occurred, how lawyers supervise outputs, what clients were told, and how the firm bills for AI-assisted work. A modest spreadsheet that is current and used beats a polished AI policy no one follows.
What ABA Formal Opinion 512 Actually Requires
Op. 512 applies existing Model Rule duties to lawyers’ use of generative AI. It does not create a separate AI code. That matters because most of the compliance work should sit inside systems the firm already owns: conflicts and intake, information security, vendor management, supervision, billing, engagement letters, and litigation filing procedures.
| Model Rule duty | Operational question the firm must answer |
|---|---|
| Rule 1.1 competence | Do lawyers and supervisors have a reasonable understanding of the specific tool’s capabilities, limits, data handling, and verification needs? |
| Rule 1.6 confidentiality | Does the firm know what client or matter information may be entered into which tools, and when informed consent is required? |
| Rules 5.1 and 5.3 supervision | Who approves use, supervises lawyers and nonlawyers, reviews outputs, and maintains training records? |
| Rule 1.5 fees | Does billing reflect actual time, disclosed expenses, and the difference between overhead and client-chargeable tool costs? |
| Rule 1.4 communication | When must the client be told about, or consent to, generative AI use? |
| Rule 3.3 candor | What pre-filing process verifies AI-generated citations, quotations, authorities, and factual assertions? |
The opinion’s most useful phrase is its “reasonable understanding” standard. In footnote 14, the ABA cites research finding that AI-assisted legal research tools hallucinated between 17% and 33% of the time, depending on the system and task studied.[1][4] That range should not be treated as a universal benchmark for every legal AI product. The RIPS Law Librarian blog has criticized the study’s methodology, including concerns about dataset size and bias.[5] Still, the point survives the methodological fight: a lawyer cannot delegate professional judgment to a system whose failure modes the lawyer has not bothered to understand.
Reasonable understanding does not require every partner to become a machine-learning engineer. It does require enough tool-specific knowledge to answer basic questions before use: whether prompts or outputs are retained, whether user data trains the model, whether enterprise controls differ from consumer settings, whether sources are retrievable, whether the tool is designed for legal research or general drafting, and what human review is mandatory before the work leaves the firm.
For a more duty-by-duty treatment, the companion ABA Formal Opinion 512 compliance guide can sit beside this playbook. The focus here is the record the firm can defend.
Build the Playbook Around Seven Records
A workable Op. 512 program does not start with a memo announcing that the firm “uses AI responsibly.” It starts with artifacts that can be maintained. The IXSOR implementation playbook identifies seven useful records: an approved-tools list, a data-classification policy, vendor-diligence files, training records, a supervision standard, engagement-letter language, and an audit log.[2]

Those records are not a decorative appendix. They are the spine of the playbook. If the firm cannot identify the approved tool, the permitted data, the reviewing lawyer, the training record, the client disclosure, and the output verification trail, it will be left asking people to reconstruct compliance from memory after something has already gone wrong.
| Artifact | What it should prove |
|---|---|
| Approved-tools list | The firm knows which GAI tools are allowed, restricted, prohibited, or pending review. |
| Data-classification policy | Lawyers know what categories of client, confidential, privileged, personal, or public information may be entered into each tool. |
| Vendor-diligence files | Someone reviewed relevant vendor terms, security posture, data retention, training use, confidentiality controls, and contract limits. |
| Training records | Lawyers and staff received role-appropriate instruction before using the tool for client work. |
| Supervision standard | Partners and managers know who reviews prompts, outputs, citations, drafts, and staff use. |
| Engagement-letter language | Client communications match actual firm practices and do not rely on overbroad consent. |
| Audit log | The firm can show when a tool was approved, when a policy changed, who completed training, and how high-risk uses were reviewed. |
The firm’s AI policy can collect these commitments in one place, but the policy is only useful if it points to living records. A broader policy template belongs in the firm’s governance system; the operational details belong where lawyers and staff will actually look. For firms building that layer, the internal guide on law firm AI governance policy components is the natural companion.
Confidentiality Is the First Place a Generic Policy Fails
Rule 1.6 is where casual AI use becomes dangerous quickly. Op. 512 warns that lawyers must not reveal information relating to the representation of a client unless the client gives informed consent, the disclosure is impliedly authorized, or another exception applies.[1] In the generative AI setting, the hard question is not whether a lawyer means to disclose a secret. It is whether entering client information into a tool gives the tool provider access, permits retention, allows model training, or creates a risk the firm has not evaluated.
The narrow rule is important: self-learning GAI tools require informed client consent before the lawyer inputs information relating to the representation, and boilerplate engagement-letter language is not enough for that informed consent.[3] A general sentence saying the firm may use “technology” or “AI-enabled tools” does not tell the client what system is involved, what information will be submitted, whether the vendor may use the data, what safeguards apply, or what alternatives exist.
That is why the data-classification policy has to be more specific than “do not enter confidential information.” Most matter information is related to a representation. A workable policy sorts data by use, not by aspiration: public legal authorities, anonymized hypotheticals, internal administrative text, client confidential information, privileged communications, personal data, trade secrets, sealed material, and litigation strategy. Each category should map to approved tools and required approvals.
Vendor diligence then becomes part of confidentiality compliance rather than a procurement formality. The file should preserve the version of the vendor terms reviewed, whether prompts and outputs are retained, whether customer content is used for training, what enterprise privacy controls apply, whether users can disable training or history features, what subcontractors or processors are involved if disclosed, and who approved the tool for each data category. If the answer depends on an enterprise contract rather than the vendor’s public terms, the file should say that.
Engagement-letter language should be tied to actual workflows. If the firm uses a closed legal research tool for citation retrieval, the disclosure may look different from consent to input detailed client facts into a self-learning drafting platform. If the firm will not use client-identifying information in public or self-learning systems, say that and train to it. If the firm may seek matter-specific consent for higher-risk uses, the consent request should describe the use in enough detail for the client to make a real decision.
The internal treatment of generative AI confidentiality obligations should be incorporated into training for lawyers who draft prompts, supervise staff, or approve new tools.
Competence Means Tool-Specific Judgment, Not AI Fluency Theater
Competence under Rule 1.1 is not satisfied by a one-hour lunch presentation explaining that generative AI can hallucinate. The firm needs role-based training that matches actual use. A litigation associate using a research assistant needs different instruction from a marketing employee drafting client alerts, a paralegal summarizing discovery materials, or a partner asking for a first-pass contract clause.
A training record should identify the tool, the permitted use cases, the prohibited data categories, the required verification steps, the escalation path, and the date completed. If the firm updates a tool approval because vendor terms change, the training record should show who received the update. Competence is not just initial exposure; it is maintenance.
The Stanford hallucination study and the criticism of that study both point to the same operational conclusion: do not reduce competence to a single published error rate.[4][5] Lawyers need to know the particular system they are using and the task they are assigning. A tool that performs adequately for summarizing public documents may still be unsafe for finding controlling authority. A tool that retrieves citations may still misstate holdings. A tool that drafts fluent prose may still omit a jurisdiction-specific exception.
Subject-matter expertise also matters. An AI output can be grammatically polished and legally wrong in ways only a knowledgeable reviewer will catch. The firm’s competence standard should therefore say when review must be performed by a lawyer with relevant practice-area knowledge, not merely by whoever generated the prompt. The internal article on AI competence and subject-matter expertise can help set that threshold.
Supervision Is a Role Assignment Problem
Rules 5.1 and 5.3 turn AI governance into a supervision system. The firm must make reasonable efforts to ensure that lawyers and nonlawyers conform to professional obligations when they use generative AI.[1] That includes associates, contract lawyers, paralegals, litigation support staff, marketing personnel, administrative teams, and outside vendors whose AI-assisted work enters client matters.
The supervision standard should name owners. Someone should approve tools. Someone should maintain the approved-tools list. Someone should review vendor files. Practice groups should decide which uses require partner approval. Matter teams should know who verifies citations, who reviews factual summaries, and who signs off before work product goes to a client, court, regulator, or opposing counsel.
For higher-risk uses, the audit log should capture the decision path. That does not mean recording every prompt in every low-risk administrative workflow. It means the firm can reconstruct material decisions: a new tool approved for contract analysis, a practice group authorized to use a research product, a client consenting to a particular AI-assisted workflow, or a litigation team documenting pre-filing verification after using an AI research assistant.
Candor Requires Pre-Filing Verification, Not Regret After Filing
Rule 3.3 is the least negotiable part of the playbook. If AI assists with research, drafting, or citation generation, the lawyer still owes candor to the tribunal. UNC Law Library’s analysis of Op. 512 treats pre-filing verification of AI-generated citations as non-negotiable, and that is the only defensible reading for litigation practice.[7]
The verification standard should be written as a filing requirement, not a best practice. Before submission, every AI-generated case citation, statutory citation, quotation, parenthetical, procedural statement, factual assertion drawn from a record, and description of legal authority should be checked against an authoritative source. The reviewer should confirm that the authority exists, says what the filing says it says, remains good law for the proposition used, and applies in the relevant jurisdiction.
This is where general warnings about hallucinations are too soft. After Mata-style citation failures, courts have had little patience for lawyers who blame the tool after filing. The current internal sanctions tracker on AI hallucination sanctions in 2026 and the documented AI-generated citation sanctions reference belong directly in litigation training.
A defensible verification record does not need to be elaborate for every brief. It can be a filing checklist, a research log, a docketing task, or a partner signoff embedded in the litigation workflow. What matters is that the firm can show verification occurred before filing, not that a lawyer later ran a cleanup search after opposing counsel or the judge found the problem.
Accuracy comparisons can inform tool selection, but they do not replace verification. If the firm reviews product-specific benchmark material, such as the internal comparison of CoCounsel vs. Lexis+ AI accuracy and hallucination rates, the conclusion should feed the approved-tools list and training requirements. It should not become permission to file unverified output.
Communication and Consent Should Track Real Use Cases
Rule 1.4 does not require a client conversation for every internal use of ordinary technology. Op. 512 is more measured than that. The communication duty becomes serious when generative AI use is material to the representation, affects the means by which the client’s objectives are pursued, requires informed consent under confidentiality rules, is requested or prohibited by the client, or is relevant to fees and expenses.[1]
Engagement-letter language should therefore have more than one setting. A firm may use general disclosure for routine, approved, low-risk AI-supported workflows. It may need matter-specific consent before entering client information into a self-learning tool. It may need a client-specific protocol when outside counsel guidelines restrict AI use. It may need an express discussion when a client asks the firm to use a particular tool or to avoid AI altogether.
Legal AI Governance’s guide reports that more than 35 states have materials or cross-references relevant to lawyer AI duties, but the figure should be treated as a self-reported, cross-referenced landscape rather than a certified census.[3] The practical point is narrower and safer: state-level ethics guidance is no longer rare, and a national ABA baseline is not enough for a multijurisdictional firm.
Fees: Separate Time, Overhead, Expenses, and Training
Rule 1.5 forces firms to look at the billing consequences of AI-assisted work. Op. 512 states that lawyers billing by the hour may charge only for the actual time spent; a task completed in 15 minutes with AI assistance cannot be billed as though it took several hours manually.[1] That point also follows the ABA’s older fee guidance in Formal Opinion 93-379, which Op. 512 cites in its discussion of billing for efficiencies.[1]
The billing procedure should distinguish four categories. First, actual lawyer time remains billable if reasonable and properly recorded. Second, general AI learning is firm overhead, not client time. Third, GAI functionality embedded in general practice tools is typically overhead. Fourth, a per-use third-party GAI charge may be passed through as a client expense if disclosed in advance and handled consistently with the fee agreement and applicable rules.[1]
Client-requested tool-specific training is different. If a client asks a team to learn a particular platform or follow a client-mandated workflow, that training may be billable with advance agreement. Without that agreement, the safer default is to treat general AI competence as the firm’s cost of doing business.
Flat fees are the unsettled pressure point. Thomson Reuters Institute has argued that flat fees set before GAI adoption may become unreasonable if AI materially compresses the work required.[6] That is a serious law-firm-facing critique, not a settled consensus. The defensible response is to review fixed-fee assumptions when AI changes delivery economics, document the basis for reasonableness, and avoid treating AI-enabled margin expansion as invisible to the ethics analysis.
What Op. 512 Does Not Solve
A playbook built around ABA Formal Opinion 512 still needs a gap register. The opinion gives a national ethics baseline, but it does not answer every question a firm will face. Three gaps deserve explicit ownership.
- Privilege waiver analysis: Op. 512 addresses confidentiality duties, but it does not provide a complete privilege-waiver framework for submitting privileged or work-product material to third-party AI systems.
- Tool selection methodology: the opinion tells lawyers to understand risks and duties, but it does not prescribe how to compare vendors, weight security features, test accuracy, or approve tools across practice groups.
- Court-specific disclosure rules: federal and state courts may impose AI disclosure, certification, or filing requirements that go beyond the ABA baseline.
Florida, Kentucky, Texas, and other jurisdictions have added AI-related disclosure or ethics requirements that can exceed what Op. 512 itself requires.[3] A litigation team that follows the ABA opinion but misses a judge’s standing order has not solved the problem. The regulatory tracker should therefore include court rules, local orders, client guidelines, carrier requirements, and state ethics materials alongside ABA guidance.
This is also why the playbook should identify a maintenance owner. If no one owns updates, the firm will eventually have an impressive document attached to stale vendor terms, retired tool names, outdated training, and engagement language that no longer matches practice.
The Defensibility Test
The final test is simple and uncomfortable: if a malpractice carrier, client, court, or disciplinary investigator asked what the firm did before using generative AI on a matter, could the firm produce records rather than assurances?
- A dated approved-tools list showing the tool was permitted for the relevant use.
- A data-classification rule showing the information entered was allowed, restricted, or supported by informed consent.
- A vendor-diligence file showing the firm reviewed data handling, confidentiality, retention, and training-use terms.
- Training records showing the user and supervisor knew the tool’s limits and required verification steps.
- A supervision and verification record showing AI outputs were reviewed before client delivery or court filing.
- Engagement-letter or matter-specific consent language matching the actual AI workflow.
- A billing record separating actual time, overhead, disclosed expenses, and any client-approved tool-specific training.
That is the difference between saying the firm follows ABA Formal Opinion 512 and being able to prove the firm acted reasonably before the dispute, complaint, sanctions motion, or renewal questionnaire arrived.
References
- Formal Opinion 512: Generative Artificial Intelligence Tools, American Bar Association, July 29, 2024.
- ABA Formal Opinion 512, IXSOR.
- ABA Opinion 512, Legal AI Governance.
- Hallucination-Free? Assessing the Reliability of Leading AI Legal Research Tools, May 2024.
- Stanford HAI Legal AI Hallucination Study: Is It Really Hallucination?, RIPS Law Librarian Blog.
- ABA’s AI ethics opinion leaves law firms with unanswered questions, Thomson Reuters Institute.
- ABA Formal Opinion 512, UNC Law Library, February 2025.
Comments
Join the discussion with an anonymous comment.