Rule 1.6 & Security

Your client data is protected with local execution, encryption, and ethical AI practices built for legal professionals.

๐Ÿ›ก๏ธ We Never See Your Client Data

LawTasksAI never receives your documents or queries. We deliver expert analysis frameworks โ€” your AI assistant does the processing.

For document analysis tasks, everything runs on your computer โ€” documents are never transmitted to LawTasksAI servers. For other tasks, we process legal questions (not client files). We do not see or store case documents, client names, or matter details. Ever.

Understanding Privacy: Two Layers

Many attorneys ask: "Is LawTasksAI Rule 1.6 compliant?" The answer requires understanding two separate systems working together:

โš ๏ธ Important: Privacy Has Two Parts

Layer 1: LawTasksAI (our software) never receives your documents. Files stay on your machine.

Layer 2: Your AI Assistant (Claude Desktop, ChatGPT, OpenClaw, etc.) processes your prompts and may send data to its cloud provider.

For full Rule 1.6 compliance, you need both layers to be private. See recommendations below.

Layer 1: LawTasksAI (Our Architecture)

LawTasksAI is designed with attorney confidentiality as the foundation. Here's what we do and don't collect:

๐Ÿ”’ Our Privacy Commitment

We never see your data: LawTasksAI.com never sees your prompts, your client files, or your client data. Your documents stay local if using OpenClaw, or go to your LLM provider if using a cloud AI.

Your AI does the processing: The framework is applied by your AI assistant. If you use a cloud AI provider, your data is sent to them. For confidential work, use a local LLM or a provider with a zero data retention agreement.

Data retention: We don't receive, store, or have access to your queries or results. We don't sell your information.

What We Collect

  • Account Information: Email, name, and payment details (processed securely via Stripe)
  • Usage Data: Which tasks you run, credit consumption, and aggregate usage patterns
  • Technical Data: Device type, operating system, app version for debugging and support

What You Transmit to Us

LawTasksAI never receives your documents or queries. The only things your device sends to LawTasksAI are:

  • Your license key โ€” to verify your account and deduct credits
  • Task ID โ€” which expert framework to deliver

LawTasksAI.com never sees your prompts, your client files, or your client data. Our server validates your license and delivers the expert analysis framework. Your documents stay local if using OpenClaw, or go to your LLM provider if using a cloud AI. For full details see our Zero Data Retention & ABA Compliance guide.

Layer 2: Your AI Assistant (The Missing Piece)

This is where confidentiality decisions actually happen.

LawTasksAI doesn't work alone โ€” it integrates with an AI assistant like Claude Desktop, ChatGPT, or OpenClaw. When you upload a document or send a prompt:

  1. Your AI assistant receives your prompt/document first
  2. It may send data to its cloud provider (Anthropic, OpenAI, etc.)
  3. The AI assistant calls LawTasksAI to execute the task
  4. Results flow back through the same path

โš ๏ธ Critical Understanding

If you use a cloud AI assistant (Claude Desktop, ChatGPT, etc.), your documents and prompts may be sent to that provider's servers โ€” regardless of LawTasksAI's local execution.

LawTasksAI is designed for privacy, but full Rule 1.6 compliance requires BOTH layers to be private.

Current AI Provider Policies

  • Anthropic (Claude): Processes prompts/documents on their servers โ€” review their current data retention policies
  • OpenAI (ChatGPT): Processes prompts/documents on their servers โ€” review their current data retention policies
  • OpenClaw with cloud LLM: Same as above โ€” depends on the LLM provider
  • OpenClaw with local LLM: Everything stays on your machine (full confidentiality)

Rule 1.6 Considerations

Most state bar associations require attorneys using cloud AI to:

  1. Understand the provider's data handling practices
  2. Ensure reasonable security measures are in place
  3. Obtain informed client consent (in many jurisdictions)
  4. Document your due diligence

Recommendations for Full Confidentiality

โœ… Option 1: Local AI (Highest Security)

Best for: Highly confidential matters, privileged documents, discovery materials

Setup:

  • Install OpenClaw on your computer
  • Configure with local LLM (Ollama + Llama 3.1 70B or 405B)
  • Install LawTasksAI via /skill install
  • All processing happens offline

Pros: Full Rule 1.6 compliance, no third-party exposure

Cons: Requires powerful hardware (32GB+ RAM)

โ†’ See Complete Local Setup Guide

โš ๏ธ Option 2: Cloud AI with Safeguards

Best for: Non-privileged documents, general legal research, drafting

Setup:

  • Use Claude Desktop or ChatGPT Business/Enterprise tier
  • Review provider's data processing agreements
  • Obtain informed client consent
  • Document your due diligence

Pros: Easy to use, powerful AI, no hardware requirements

Cons: Data leaves your control, third-party risk

๐ŸŽฏ Option 3: Hybrid (Recommended)

Best for: Most solo and small firm attorneys

Strategy:

  • Confidential/privileged: Local AI setup
  • General research/drafting: Cloud AI
  • Client intake, non-privileged: Cloud AI with consent

Implementation: Set up both environments, train staff on when to use each, create internal policy

This is what I do in my practice.

Quick Decision Matrix

Your Setup Documents Prompts Confidentiality
Claude Desktop + LawTasksAI Sent to Anthropic Sent to Anthropic โš ๏ธ Anthropic's policy applies
ChatGPT + LawTasksAI Sent to OpenAI Sent to OpenAI โš ๏ธ OpenAI's policy applies
OpenClaw + Cloud LLM + LawTasksAI Sent to LLM provider Sent to LLM provider โš ๏ธ Provider's policy applies
OpenClaw + Local LLM + LawTasksAI Stay local Stay local โœ… Fully confidential

Architecture Overview

LawTasksAI includes 200+ AI-powered legal skills. Your data is never sent to LawTasksAI โ€” we deliver expert frameworks, your AI assistant applies them.

๐Ÿ”’ 100% Local Execution

Your questions, documents, and results are never sent to LawTasksAI. You choose which AI model processes your work โ€” a local LLM for maximum privacy, or a cloud provider with appropriate data protections.

๐Ÿ“ฆ What Our Server Does

LawTasksAI.com never sees your prompts, your client files, or your client data. Our server only validates your license key and delivers the expert analysis framework. Think of it like downloading a template โ€” the work happens on your end.

What Your Device Sends to Us

The only data transmitted to LawTasksAI servers is:

  • Your license key (for authentication and credit deduction)
  • The task ID (which expert framework to retrieve)
  • That's it โ€” no questions, no documents, no results

Encryption & Security

Data in Transit

All API communication uses TLS 1.2 or higher encryption. Data transmitted between your device and our servers is protected with industry-standard encryption protocols.

Data at Rest

Task outputs are delivered directly to your device. Only account information (email, credit balance) is stored in our secure database. We do not see or store case documents, client names, or matter details.

Third-Party Services

  • Stripe: Payment processing (PCI-DSS compliant)
  • OpenAI / Anthropic / other AI providers: Only involved if YOU choose to use their AI model on your machine (your choice, not ours)
  • Google Cloud: Infrastructure hosting with enterprise-grade security

Compatibility with Security Tools

Works with Prompt Guard & ClawSec

If you use security skills like Prompt Guard or ClawSec to protect your AI assistant, LawTasksAI works seamlessly alongside them. Our loader skill simply makes secure API calls to retrieve results โ€” it does not modify system files, inject prompts into other skills, or alter your agent's configuration in any way.

Why Our Approach Is Safer

A recent Snyk security analysis of nearly 4,000 publicly available AI skills found that 7.1% contained critical security flaws โ€” including exposed credentials, prompt injection vulnerabilities, and unauthorized code execution.

LawTasksAI avoids these risks entirely:

๐Ÿ›ก๏ธ Typical Public Skills

Full skill code runs on your machine. If compromised, it can access your files, inject malicious prompts, or exfiltrate data. 7.1% of public skills have critical flaws.

โœ… LawTasksAI Approach

A thin loader fetches an expert analysis framework from our server and your AI applies it. No executable code, no system access, no hidden behavior.

๐Ÿ” Supply Chain Security

Every LawTasksAI release is scanned by 70+ antivirus engines via VirusTotal before publication. Our loader contains no executable code beyond a simple API call โ€” there is nothing to exploit. Your documents and client data remain completely isolated from our skill logic.

Your Responsibilities

While we provide secure infrastructure, you play a critical role in protecting your data:

  • Consider using a local AI model (like Ollama via OpenClaw) for highly sensitive documents โ€” this keeps everything 100% on your machine with no cloud AI involved
  • Keep your device secure with updated antivirus software and strong passwords
  • Don't share your account โ€” each attorney should have their own login

Security Concerns?

If you discover a security vulnerability or have questions about our data practices, contact us immediately.

security@lawtasksai.com

Related Policies

For more details on how we handle your data:

Last updated: February 2026