The Short Version

You have more options than you think. At one end: run AI entirely on your laptop; nothing leaves your machine. At the other: ChatGPT free tier is fine for most everyday tasks. This guide helps you pick the right tool for the job.

There's a lot of anxiety in the legal profession about using AI. Some of it is warranted. Most of it isn't.

The reality is simple: different tasks need different levels of protection. Asking AI to explain a concept from a public statute? Use whatever's convenient. Summarizing a client's confidential settlement terms? You need to think harder about where that data goes.

This guide walks through your options, from maximum local control to "just use the free version." We'll start with the most private option and work our way up.

The Four AI Data Models

Not all AI is built the same. When you're evaluating tools, you'll encounter four distinct architectures. Where your data goes, and how long it stays there, depends entirely on which model you're using.

1. Local / Client-Side (Maximum Privacy)

  • Examples: Ollama, LM Studio, exo, on-premise LLMs
  • Data Retention: Never leaves your device
  • Human Review: No; there's no one to review it

2. Zero Data Retention (Recommended for Client Work)

  • Examples: Enterprise legal AI tools, Anthropic API (default)
  • Data Retention: 0 days: processed in RAM, never written to disk
  • Human Review: No; nothing to review after the session ends

3. Commercial API (Read Your DPA)

  • Examples: OpenAI API, Azure OpenAI, AWS Bedrock (default settings)
  • Data Retention: Configurable: typically 0-30 days depending on agreement
  • Human Review: Possible: check your specific terms

4. Consumer Chat (Fine for Public Info)

  • Examples: ChatGPT Free/Plus, Claude Free/Pro, Gemini, Copilot
  • Data Retention: 30+ days: stored for abuse monitoring and service improvement
  • Human Review: Yes: staff may review flagged conversations

The key insight: it's not about avoiding certain tools, it's about matching the tool to the task. Consumer chat is perfectly fine for research on public topics. Confidential client work needs something higher up the stack.

Option 1

Run It Locally

Client Secrets

This is the nuclear option for privacy: the AI runs entirely on your computer. Your prompts never touch the internet. There's no server to hack, no terms of service to read, no vendor to trust.

Modern Macs (especially M1/M2/M3/M4 with unified memory) can run surprisingly capable models. A MacBook Pro with 32GB of RAM can handle models that would have required a data center five years ago.

The Tools

Ollama

Dead simple. Install it, run "ollama run llama3", and you're chatting with a local model. Great for getting started.

LM Studio

A nice GUI for downloading and running models. Browse a catalog, click download, start chatting. No terminal required.

exo

Cluster multiple Macs together to run larger models. Pool the memory from your MacBook and your Mac Studio for better performance.

MLX / llama.cpp

Lower-level tools for power users. MLX is Apple's framework optimized for their chips. Maximum performance, more setup.

Getting Started with Ollama

# Install (macOS)
brew install ollama

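# Start the service (runs in the foreground; leave it running
# and use a second terminal for the commands below)
ollama serve

# Run a model (the first run downloads the model weights;
# after that it works offline)
ollama run llama3.2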

# Or try a coding-focused model
ollama run codellama

That's it. You're now running AI locally. Ask it anything. The conversation never leaves your machine.
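An added check, not part of the original guide, for the claim above: Ollama serves its API on TCP port 11434 and binds it to 127.0.0.1 unless OLLAMA_HOST says otherwise, so this script classifies lsof output to confirm the listener is loopback-only. The function names and the sample lsof lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: confirm a local Ollama listener is loopback-only.
# Live use: lsof -nP -iTCP:11434 -sTCP:LISTEN | check_listeners

# Classify one lsof NAME field (address:port) as "loopback" or "exposed".
classify_addr() {
    case "$1" in
        127.*:*|'[::1]':*) echo loopback ;;
        *) echo exposed ;;  # "*:11434" = all interfaces (0.0.0.0 or ::)
    esac
}

# Read lsof output on stdin and print "<verdict> <command> <address>" for
# each listening socket. Returns 0 if every listener is loopback-only,
# 1 if any is reachable from other hosts, 2 if nothing is listening.
check_listeners() {
    result=2
    while read -r cmd pid user fd type dev size node name state; do
        [ "$state" = "(LISTEN)" ] || continue
        verdict=$(classify_addr "$name")
        echo "$verdict $cmd $name"
        if [ "$verdict" = exposed ]; then
            result=1
        elif [ "$result" -eq 2 ]; then
            result=0
        fi
    done
    return "$result"
}

# Constructed sample lsof output (not captured from a real machine).
SAMPLE_LOCAL='COMMAND  PID USER  FD  TYPE DEVICE SIZE/OFF NODE NAME
ollama  4021 alex  3u  IPv4 0xabc1  0t0  TCP 127.0.0.1:11434 (LISTEN)'
SAMPLE_EXPOSED='COMMAND  PID USER  FD  TYPE DEVICE SIZE/OFF NODE NAME
ollama  4021 alex  3u  IPv6 0xabc2  0t0  TCP *:11434 (LISTEN)'

printf '%s\n' "$SAMPLE_LOCAL" | check_listeners
printf '%s\n' "$SAMPLE_EXPOSED" | check_listeners ||
    echo "Listener is not loopback-only: unset OLLAMA_HOST or firewall the port."
```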

The Tradeoffs

Pros: Complete privacy. Works offline. No subscription. No usage limits. You own the whole stack.

Cons: Local models are smaller than cloud models. A 70B parameter model running locally is good, but it's not GPT-4 or Claude Opus. For complex legal reasoning or long documents, cloud models still have an edge.

Good For

Drafting that needs to reference confidential information. Summarizing sensitive documents. Any task where you'd be uncomfortable if the prompt appeared in a data breach headline.

Option 2

API Access with Zero Retention

Client Data

Want the power of GPT-4 or Claude without the data baggage? API access is different from the chat interface.

When you use ChatGPT through the website, OpenAI stores your conversations for 30 days (and may use them for training unless you opt out). When you use the API, the default is different: data isn't stored for training, and you can negotiate zero-day retention.

How It Works

You get an API key. Your application sends prompts directly to the model. The model responds. With zero-data-retention agreements, nothing is written to disk. The prompt exists only in RAM while being processed, then it's gone.

This is what enterprise legal AI tools (including inCamera) are built on. You get cloud model quality with local-like privacy.

The Options

  • OpenAI API: Zero retention available on enterprise tiers. Default API already doesn't train on your data.
  • Anthropic API (Claude): Zero retention by default. Your prompts aren't stored or used for training.
  • Azure OpenAI: GPT-4 running in your own Azure tenant. Data never leaves your cloud environment.
  • AWS Bedrock: Claude and other models within your AWS account. Same idea.

Key Point

API access requires either building your own interface or using a tool that connects to the API on your behalf. The tradeoff is more control for more setup.

Pros: Best-in-class models. Strong privacy guarantees with proper agreements. Can be integrated into your workflow.

Cons: Pay per token (though costs have dropped dramatically). Requires some technical setup or a tool that handles it for you.

Good For

Privileged work product. Client communications. Anything where you need the best model but can't risk the data being stored anywhere.

Option 3

Just Use ChatGPT or Claude

No Client Data

Here's the thing: for a lot of legal work, the free consumer tools are fine.

If you're asking ChatGPT to explain the difference between a motion to dismiss and a motion for summary judgment, there's no client data involved. If you're having Claude help you outline a CLE presentation, who cares if Anthropic stores that conversation?

The anxiety around consumer AI tools often conflates two different questions:

  1. "Is this tool any good?" Yes. GPT-4 and Claude are excellent.
  2. "Should I put client secrets in it?" No. But you probably shouldn't put client secrets in your personal email either, and you still use email.

What the Consumer Tools Actually Do

ChatGPT (Free/Plus): Conversations are stored. Used for abuse monitoring (30 days). May be used for training unless you opt out in settings. Opt out via Settings → Data Controls → "Improve the model for everyone."

Claude (Free/Pro): Similar. Conversations stored. Can opt out of training. Anthropic retains data for safety review.

Google Gemini: Tied to your Google account. Activity controls let you pause history or auto-delete. Check Settings → Gemini Apps Activity.

The Privacy Settings That Matter

If you're going to use consumer tools, at least configure them:

  • Opt out of training. Every major platform has this option now.
  • Use temporary/incognito chat when available. ChatGPT's temporary chat doesn't save to history or train models.
  • Don't connect sensitive accounts. The plugin that syncs with your Google Drive is convenient until it isn't.

Good For

Legal research on public topics. Drafting templates without client specifics. Explaining concepts. Proofreading your own writing. Brainstorming. Anything where the prompt could be published in a bar journal without issue.

Matching the Tool to the Task

Here's a practical framework:

Task | Recommendation
"What's the statute of limitations for breach of contract in California?" | ChatGPT free. This is public information.
"Help me outline a memo on 401(k) fiduciary duties" | ChatGPT/Claude. No client data involved.
"Summarize this NDA and flag unusual terms" | Depends on the NDA. Public template? Consumer AI is fine. Client's actual NDA? Local or API.
"Review these deposition excerpts for inconsistencies" | Local LLM or zero-retention API. This is privileged work product.
"Draft a response to opposing counsel's settlement offer" | Local or API. Contains privileged strategy and confidential terms.
"What questions should I ask in a 30(b)(6) depo about data retention?" | ChatGPT/Claude. General strategy, no client specifics.

The File-Level Rule

Regardless of which option you choose, one rule applies to all of them:

The Principle

Share the minimum necessary. If you're asking about one clause, paste that clause, not the whole contract. If you need to reference a case, describe the issue; don't upload the entire file. The less you share, the less there is to protect.

This is true even with local models. Good habits are good habits.

What About [Specific Tool]?

Apple Intelligence

Processes on-device first. Complex requests go to Apple's Private Cloud Compute, which has strong cryptographic privacy guarantees. For general use, it's solid. For confidential client work, you're still sending data off your device.

Microsoft Copilot (in Word/Outlook)

Enterprise M365 handles data differently than consumer Bing Chat. Check with your IT department about your tenant's configuration. Generally, enterprise Copilot keeps data within your organization's boundary, but verify the specifics.

Legal-Specific Tools (Lexis+ AI, Westlaw AI, Casetext, etc.)

These are API-based tools with (usually) enterprise-grade data handling. Read the DPA. Most legal research platforms have negotiated appropriate terms because their entire customer base is lawyers.

The Bottom Line

AI privacy isn't binary. It's a spectrum, and you get to choose where on that spectrum each task belongs.

  • For maximum privacy: Run it locally with Ollama or LM Studio.
  • For better models with strong privacy: Use API access with zero retention.
  • For everyday research and general tasks: ChatGPT and Claude free tiers are perfectly fine.

The goal isn't to avoid AI. It's to use the right tool for the job.
