The Privacy Spectrum
Not all AI access is created equal. Understanding where your data goes, and who can see it, is critical for protecting privileged communications.
Consumer Chatbots
Free and consumer-tier AI chatbots are designed for general use. Your conversations are typically logged, may be reviewed by humans, and are often used to train future models. This is fundamentally incompatible with attorney-client privilege.
Risks
- Conversations logged indefinitely by default
- Human reviewers may read your prompts for safety/quality
- Data used to train future model versions
- Subpoena-able conversation history
- Account compromise exposes full history
- No contractual privacy guarantees
What providers say
- "Opt-out" of training (but logs remain)
- Delete conversation history (may not delete from backups)
- Privacy modes available (limited effectiveness)
Appropriate for
Personal use, general research, non-sensitive queries. Never for client matters, privileged communications, or confidential business information.
Direct API Access
API access provides better privacy than consumer products. By default, most providers don't train on API data. However, data may still be logged for abuse monitoring, stored temporarily, and is subject to the provider's standard terms of service.
Risks
- Data logged for abuse monitoring (typically 30 days)
- Provider employees may review flagged content
- Standard ToS, not negotiated for legal use
- Logs exist and could be subpoenaed
- No specific privilege protections
Improvements over Consumer
- Not used for model training by default
- No persistent conversation history
- Business-focused terms of service
- Can build custom security layers
Appropriate for
Internal business tools, development, non-privileged work product. Risky for anything where a 30-day log retention could create discovery issues.
Zero Data Retention
Zero Data Retention agreements are contractual commitments from AI providers to process data in memory only, with no logging, no storage, and no training. This is the minimum threshold for handling privileged legal communications.
Remaining considerations
- Requires trust in provider's implementation
- Your organization's identity is known to provider
- Traffic patterns visible (when, how much)
- Dependent on provider maintaining compliance
Protections
- No logs means nothing to subpoena
- Contractual liability if breached
- Data processed in memory, immediately discarded
- Not used for training or improvement
- No human review of content
Need help implementing ZDR? We can help your organization negotiate and implement Zero Data Retention agreements with AI providers. Contact us to discuss your requirements →
Appropriate for
Legal work requiring confidentiality. The baseline for any attorney using AI on client matters. Necessary but may not be sufficient for the most sensitive work.
Aggregated ZDR Access
Aggregated ZDR adds a critical layer: your requests flow through a shared credential pool used by other verified attorneys. The AI provider sees requests from "inCamera," not from your firm. This provides camouflage that individual ZDR agreements cannot.
Remaining considerations
- Still requires trust in AI provider's ZDR implementation
- Data transits to third-party infrastructure
- Dependent on inCamera's operational security
Additional protections
- Provider cannot identify your firm or client
- Traffic blends with other attorneys
- No account linking your queries over time
- Pattern analysis significantly harder
- Additional encryption layer before transmission
- Verified attorney community maintains ZDR standing
Why aggregation matters: Even with ZDR, a provider could theoretically note that "Firm X made 500 requests about securities law in December." With aggregated access, that same provider only sees "inCamera attorneys made requests," with no way to attribute specific queries to specific firms or matters. Learn more about our security architecture →
Appropriate for
Privileged legal work, sensitive client matters, litigation support, due diligence. The recommended approach for attorneys who need strong confidentiality without managing their own infrastructure.
Local Deployment
Best PrivacyThe ultimate in privacy: AI models running entirely on hardware you control. No data ever leaves your premises. No third parties involved. Complete audit trails under your control. This is the gold standard for the most sensitive applications.
Considerations
- Significant infrastructure investment
- Requires technical expertise to operate
- Model capabilities may lag frontier models
- Ongoing maintenance and updates
- Power and cooling requirements
Protections
- Zero third-party data exposure
- Complete physical control of all hardware
- No external network dependencies
- Full audit trail ownership
- Air-gapped operation possible
- Custom model fine-tuning on your data
Need local deployment? For organizations requiring the highest level of privacy, we offer consulting services to design, build, and deploy private GPU clusters running open-weight models. Contact us to discuss your requirements →
Appropriate for
National security work, matters involving state secrets, ultra-high-net-worth client matters, situations where even metadata exposure is unacceptable, or organizations with regulatory requirements mandating on-premise data processing.
Quick Comparison
How each tier handles your data
| Tier | Data Logged? | Training? | Human Review? | Identity Known? | Subpoena Risk |
|---|---|---|---|---|---|
| Consumer Chatbots | Yes, indefinitely | Yes | Yes | Full account | High |
| Direct API | 30 days | No | If flagged | Org known | Medium |
| Zero Data Retention | No | No | No | Org known | Low |
| Aggregated ZDR | No | No | No | Anonymous | Very Low |
| Local Deployment | Your control | Your control | Your control | N/A | You control |
Ready to Upgrade Your AI Privacy?
inCamera provides aggregated Zero Data Retention access to frontier AI models, designed specifically for the legal profession's confidentiality requirements.