The governance problem in AI legal research is no longer hypothetical. In the 2026 Legal Industry Report covered by LawNext, 69% of surveyed legal professionals said they use generative AI for work, while only 9% reported having a written, enforced AI policy; 54% said their firms provide no AI training, and 43% said they have no AI policy and no plans to create one.[1] The sample matters: it skewed heavily toward solo and small firms, with 45% solo respondents and 38% from firms of two to five lawyers.[1] Still, the mismatch is too large to dismiss as a sampling artifact. Lawyers are already using these tools. Many organizations have not built the record that would show how that use is restricted, supervised, verified, or billed.
That gap now sits against a professional responsibility floor that is much clearer than it was two years ago. ABA Formal Opinion 512, issued in July 2024, applies familiar Model Rule duties to generative AI use: competence, confidentiality, communication, reasonable fees, and supervision.[2] The opinion does not create a special AI exception for legal research. It places AI-assisted work inside duties lawyers already know how to administer, if they choose to administer them.

The practical question for firm leadership in Q3 2026 is therefore narrow and uncomfortable: if ethics counsel had to defend the firm’s AI-assisted research practices, could the firm show more than good intentions? A partner’s assurance that “we always check the work” is not the same as a verification protocol. A general confidentiality policy is not the same as a rule that bars client facts from public AI tools unless the platform, terms, and client authorization have been reviewed. A CLE lunch is not the same as a training record tied to approved use.
The Ethics Floor Has Moved From Advice to Operational Duty
ABA Formal Opinion 512 is useful because it resists novelty theater. It does not ask whether generative AI is impressive, threatening, or inevitable. It asks what a lawyer must do when using it. Under Model Rule 1.1, the lawyer must understand enough about the tool’s capabilities and limits to use it competently. Under Model Rule 1.6, the lawyer must protect client information before entering it into a system. Under Model Rule 1.4, the lawyer may need to communicate with a client about AI use when the circumstances make that material to the representation. Under Model Rule 1.5, the lawyer may not charge unreasonable fees merely because AI compressed the time required. Under Model Rule 5.3, the lawyer must supervise AI-assisted output in a manner analogous to supervision of non-lawyer assistance.[2]
The competence duty is the first control point for AI legal research. It does not require every lawyer to become a software engineer. It does require enough literacy to know that a fluent answer is not a verified answer, that a cited case may not stand for the proposition asserted, and that a tool’s training, retrieval, or drafting method affects how much reliance is reasonable. A firm that wants a deeper treatment of the competence duty can route lawyers to ABA Model Rule 1.1 and AI: What Competence Requires of Attorneys Using AI Tools, but the governance consequence is simple: competence cannot remain an individual vibe. It needs minimum tool training, research verification standards, and a way to identify who is allowed to use which systems for which work.
The confidentiality duty is less forgiving. Before a lawyer inputs client information, the firm must know what the tool does with that information, whether it is retained, whether it is used for model training, who can access it, whether the vendor terms preserve confidentiality, and whether the client has imposed stricter contractual or outside-counsel-guideline limits. A lawyer who pastes privileged facts into an unapproved public AI interface has not merely used a new research aid. The lawyer has changed the risk profile of the client’s information.
Communication and fees are sometimes treated as secondary duties in AI policy discussions. They should not be. A client may care whether AI will be used for a sensitive matter, whether the work will be reviewed by a lawyer, whether the client’s data will enter a third-party system, or whether an AI subscription charge will be passed through. If AI materially reduces the time required for first-pass research, the billing treatment must still satisfy the duty of reasonable fees. The ethical issue is not that efficiency is improper. The issue is whether the lawyer’s invoice and description of work remain defensible when technology has changed the labor actually performed.

State Guidance Is Converging Around the Same Controls
The state-level picture is uneven in form but increasingly consistent in substance. Florida Opinion 24-1, California’s practical guidance and proposed rule amendments, Texas Opinion 705, New York Opinion 2025-6, Pennsylvania 2024-200, North Carolina 2024 FEO 1, and Oregon guidance all point firms back to the same core duties: verify AI output, protect confidential information, supervise use, communicate when required, and avoid unreasonable fees.[3][4] The details vary by jurisdiction, but the recurring pattern should matter more to firm policy than the stylistic differences among opinions.
Florida’s Opinion 24-1 is significant because it arrived early and framed the issue in a way firms can operationalize: competence, confidentiality, supervision, and disclosure.[3] That structure is not exotic. It is a management checklist hiding inside an ethics opinion. If a Florida lawyer uses AI for research, the lawyer needs to know the tool well enough to use it responsibly, must avoid exposing client information without adequate safeguards, must review the output, and must consider whether client disclosure is required.
California deserves separate attention, but not overstatement. California has issued practical guidance, and as of May 2026, six proposed amendments would move parts of the AI ethics framework closer to binding rule text.[3][4] Those proposed amendments are not yet binding. Their importance is directional: they show regulators testing whether advisory guidance should become enforceable professional conduct language. Firms tracking California in detail should use California’s AI Ethics Rulemaking: How Six Proposed Rule Amendments Would Make “Should” Into “Must” and California State Bar AI Ethics Guidance: What Attorneys Must Know for the jurisdiction-specific status rather than treating a national policy memo as enough.
Texas Opinion 705 applies Texas disciplinary rules on competence, confidentiality, supervision, and candor to AI use.[3] For firms practicing in Texas, the point is not merely that AI work must be checked. The point is that a false citation or unsupported legal proposition can become a candor problem when it reaches a tribunal. A research workflow that catches the error before filing is therefore not an internal preference. It is part of the lawyer’s compliance system. Firms needing Texas-specific treatment can consult Texas State Bar AI Ethics Opinion 2024: What Attorneys Must Know.
New York adds another governance signal. In addition to ethics guidance, New York now requires at least two annual CLE credits in AI competency as of Q3 2025.[3] A training mandate does not itself prove that lawyers are using tools correctly, but it changes what a defensible training record should look like for New York practitioners. If the firm cannot show who completed AI competency training, which internal rules were covered, and how the training connects to approved research workflows, the CLE checkbox will not answer the supervision question.
Pennsylvania, North Carolina, and Oregon reinforce the broader trend rather than creating a wholly different category.[3][4] Across these jurisdictions, the same pattern recurs: AI output must be reviewed by a lawyer; client information requires protection before entry into a tool; lawyers remain responsible for work product; and billing cannot convert automation into an unjustified charge. That convergence is the reason multi-jurisdiction firms should not wait for perfect uniformity. The common floor is already visible.
A Defensible Policy Is Built Around Decisions, Not Aspirations
An AI policy that says “lawyers must comply with all ethical obligations” is not useless, but it is unfinished. The firm needs decision points that convert those obligations into ordinary work habits. Who may use a tool? Which tools are approved? What information may be entered? What must be verified? Who reviews the result? When must the client be told? How is the time billed? Where is the evidence kept?
The firm does not need to put its entire policy template in a landscape memo. It does need architecture. Detailed drafting can live in a separate policy resource, such as Building a Law Firm AI Policy: 8 Essential Components Based on Bar Guidance and Policy Frameworks, or in an adaptable clause set like How to Build Your Law Firm’s AI Acceptable Use Policy: A Clause-by-Clause Template. The governance owner’s job here is to make sure the architecture answers the duties the opinions now identify.
| Governance decision | Ethical duty it answers | What the firm should be able to show |
|---|---|---|
| Approved and prohibited tools | Competence, confidentiality, supervision | A current tool list, approval criteria, prohibited-use categories, and vendor review records |
| Client-data input rules | Confidentiality | A process for reviewing tool terms, data retention, training use, access controls, and client restrictions before confidential information is entered |
| Citation and proposition verification | Competence, candor, supervision | A required check of cases, statutes, quotations, and legal propositions against authoritative sources before reliance or filing |
| Supervisory review | Rule 5.3-style supervision | A named lawyer responsible for AI-assisted research output, including work performed by associates, paralegals, research attorneys, or staff |
| Client communication triggers | Communication, confidentiality | Criteria for when AI use must be disclosed or approved, especially for sensitive data, client guidelines, or material changes in work method |
| Billing treatment | Reasonable fees | Rules for time entries, pass-through charges, subscription allocation, and review of AI-compressed work |
| Training and documentation | Competence, supervision | Training records, acknowledgments, audit logs where available, and matter-level evidence that required review occurred |
Tool Approval Must Come Before Matter Use
Tool approval is where many firms still blur procurement and ethics. A legal-specific research platform, an enterprise AI system, and a public chatbot do not present the same confidentiality, reliability, logging, or contractual profile. A defensible policy distinguishes among them before a lawyer is under deadline pressure. It should identify approved tools for legal research, tools approved only for administrative or drafting support, and tools that may not receive client information or be used for legal analysis.
This is also where solo and small-firm reality matters. A firm of two lawyers may not have a procurement department, security team, and professional responsibility committee. But the ethical question does not disappear because the org chart is small. The scaled version may be a shorter approved-tool list, a written note on vendor terms, and a standing rule that confidential facts do not go into public tools. What is not defensible is having no boundary at all while lawyers are already experimenting.
Confidentiality Review Has to Be Specific Enough to Stop a Bad Prompt
A generic reminder to protect client confidences will not stop the risky use case: a lawyer pastes a detailed factual chronology, settlement posture, or litigation strategy into a public tool because the immediate task feels like research. The policy needs examples of prohibited inputs and an escalation path when a lawyer wants to use client-specific facts. It should also address client outside counsel guidelines, because some clients will restrict AI use more tightly than the default ethics rules.
Heppner v. Microsoft sharpened this issue in February 2026 by treating exchanges with a public AI platform as outside privilege and work-product protection.[4] That ruling should not be inflated into a universal rule for every platform or every factual setting. Its operational lesson is narrower and sufficient: public AI interactions can create privilege and confidentiality consequences that ordinary users may not appreciate. A firm policy must therefore make public-tool restrictions visible at the point of use, not buried in an annual memo.
Verification Is a Work Step, Not a Personal Assurance
The verification rule should be blunt. No AI-generated citation, quotation, procedural rule, statutory reference, case summary, or legal proposition should be relied on until it has been checked against an authoritative source. That check should include whether the authority exists, whether it remains good law, whether the quoted language is accurate, whether the jurisdiction is correct, and whether the proposition is actually supported.
The policy also needs to decide what evidence of verification is enough. In some matters, a research memo with cited authorities and lawyer comments will suffice. In others, the firm may require a checklist, a saved research trail, or a supervising lawyer’s signoff before filing. The point is not to create paperwork for its own sake. The point is to avoid discovering, after a court order or client complaint, that everyone assumed someone else checked the cases.
Supervision Should Protect the People Who Inherit the Cleanup
AI-assisted research often enters the matter through the least powerful person in the workflow: an associate asked for a quick answer, a paralegal told to summarize authority, a research attorney asked to test a new platform, or a staff member asked to turn a prompt into a first draft. Rule 5.3-style supervision matters because it assigns responsibility upward. The lawyer responsible for the work cannot treat AI output as if it arrived from nowhere and then leave a junior team member to repair it when the answer proves unreliable.
A practical supervision rule identifies who may assign AI-assisted research, who may perform it, what review is mandatory before the work leaves the team, and when higher-level review is required. Novel legal issues, court filings, dispositive motions, sensitive client facts, and unfamiliar jurisdictions should not receive the same review treatment as a low-risk internal orientation memo.
Fees and Client Communication Need Their Own Triggers
The fee question is not solved by saying that lawyers bill for judgment, not keystrokes. That is true as far as it goes, but it does not answer whether a client is being charged reasonably for work materially accelerated by AI. Firms should decide how lawyers record AI-assisted research time, whether AI subscription costs are treated as overhead or passed through, whether any pass-through requires client consent, and how write-downs are handled when AI produces unusable work.
Client communication triggers should be equally concrete. Disclosure may be appropriate when client confidential information will be entered into a third-party AI system, when client guidelines require consent, when the use of AI materially affects how the representation will be carried out, or when the client has asked for restrictions. A policy that leaves communication entirely to individual preference will produce uneven behavior across practice groups.
Sanctions Cases Show the Cost of Treating Verification as Optional
The sanctions record is not the whole story, but it is the part courts have made painfully visible. Reported sanctions tied to AI-generated false legal material have escalated from $5,000 in Mata v. Avianca in the Southern District of New York in 2023, to $31,100 in Lacey v. State Farm in the Central District of California in 2025, to $110,000 in Couvrette v. Wisnovsky in the District of Oregon in 2025.[4] Baker Donelson has counted more than 120 cases involving AI-driven legal hallucinations in court filings since mid-2023.[4]
Those cases are useful as urgency context, not as a substitute for governance analysis. A firm that focuses only on fake citations may miss the quieter failures: confidential data entered into an unapproved system, AI-assisted research billed without a reasonable fee analysis, client restrictions ignored, or junior lawyers left without a required review path. For a fuller treatment of sanctions and the professional responsibility rules triggered by hallucinated authority, see AI Hallucinations and Attorney Ethics: Which Professional Responsibility Rules Are Triggered and How Sanctions Have Escalated.
What Ethics Counsel Should Be Able to Produce
If a client, court, insurer, regulator, or disciplinary authority asks how the firm governs AI legal research, the answer should not depend on interviewing individual lawyers after the fact. The firm should be able to produce a small body of records that show the system existed before the problem.
- A written AI use policy that distinguishes approved, restricted, and prohibited tools.
- A confidentiality review process for client data, including treatment of public AI platforms, vendor terms, retention, training use, and client-specific restrictions.
- A mandatory verification standard for AI-generated legal citations, quotations, authorities, and propositions.
- Supervision rules that identify responsible lawyers and review requirements for AI-assisted work by associates, paralegals, research attorneys, and staff.
- Client communication and consent triggers for sensitive matters, client data use, outside counsel guidelines, and material changes in work method.
- Billing rules for AI-assisted work, including time entries, pass-through charges, subscription costs, and write-downs for unusable output.
- Training records showing who received AI instruction, when it occurred, what policy rules were covered, and which jurisdictions or practice groups required additional treatment.
- Matter-level documentation sufficient to show that required review occurred before AI-assisted research reached a client, court, or opposing party.
This does not mean every matter needs an elaborate AI file. It means the firm should know when documentation is required and what form it takes. A routine internal research question may require only ordinary memo citations and lawyer review. A brief filed in court after AI-assisted research may require a clearer verification trail. A matter involving confidential client business plans or litigation strategy may require prior tool approval and client-specific restrictions. The governance system should scale, but it should not vanish.
The Remaining Risk Is Proof
Written policies are necessary, and they are not enough. An unenforced AI policy can become a more polished version of the same governance gap: impressive language, little evidence. The harder work is making policy part of research intake, assignment, supervision, review, billing, and training. Practice group leaders need to know the rules. Junior lawyers need permission to slow down when verification is incomplete. Billing partners need a consistent treatment for AI-compressed work. Ethics counsel needs records that do not have to be reconstructed from memory.
This article is an editorial synthesis of published ethics guidance and reported developments, not legal advice. Firms should verify applicable rules, opinions, client agreements, and court requirements in the jurisdictions where they practice.
By 2026, the main professional risk in AI legal research is not that a lawyer might experiment with a research tool. The sharper risk is that the firm cannot show how it supervises, verifies, restricts, trains, and documents that use across the jurisdictions where it practices.
References
- AI Adoption Among Legal Professionals Has More Than Doubled in a Year, LawNext, March 2026
- ABA Issues First Ethics Guidance on a Lawyer’s Use of AI Tools, American Bar Association, July 29, 2024
- State Bar Rules on AI Use: What Lawyers Need to Know About AI Compliance, Spellbook
- AI Legal Ethics in 2026: 6 Cases, 4 Rules, 1 Policy Template, GC AI
Comments
Join the discussion with an anonymous comment.