Comment by nerdsniper
17 hours ago
For (1) it's so wild to me that if I pay a lawyer, they can run the same queries on these tools and they are protected by attorney-client privilege, but if I do it to help me prepare my defense, then the exact same queries would be subject to subpoena/discovery.
Does anyone know if there exists any OPSEC procedure for me to use third party tools like this for my own concerning legal questions that is both ethical and allows me to be confident that my interactions won't land in discovery documents?
If you are preparing for your own defense and don't have an attorney (you're acting pro se), your own LLM use would likely be protected under work product doctrine. The court would extend you some of the same protections an attorney would have, for the limited purposes of preparing your case.
This is a very narrow exemption, however.
(You would also want to make sure you're using a paid AI plan with contractually guaranteed privacy protections, otherwise it could be construed as third-party communications, which implicitly waives privilege.)
See: Warner v. Gilbarco, Inc.
So not familiar with the caselaw around work product, but if you use an API tool directly and not the different chat tools, the queries are not permanently cached for anyone to give up in the end.
So basically if you use any of the CLI tools, there is nothing for OpenAI, Anthropic, etc. to give the courts.
Online ChatGPT (especially the free version), are apparently cached by OpenAI on their servers. (I am not sure if Claude Desktop caches the conversations locally or in the cloud as well, read the fine print if it matters!)
Indeed, there is no way my terabytes per day of API calls is getting permanently stored anywhere.
Perhaps an AI generated summary of it is.
> Does anyone know if there exists any OPSEC procedure for me to use third party tools like this for my own concerning legal questions that is both ethical and allows me to be confident that my interactions won't land in discovery documents?
Isn't that a fundamental misunderstanding? Would "OPSEC" like that amount to destruction of evidence or contempt of court or something like that?
Like if all your incriminating documents are on some encrypted drive, it's not like that defeats discovery. You're supposed to decrypt them and hand them over.
Your only practical defence is to set up a local LLM that destroys records in a predictable way (immediately, on a time table and so forth) and then ensure however you access that doesn’t leave any traces either.
And then you need to consistently use this for purposes other than crime.
That’s absolutely part of my question. I’m not familiar enough with discovery to fully understand this.
Discovery in a criminal trial is more limited than in a civil trial.
Your only real defense against discovery is to not have said it, or to have destroyed all records of it before the hint of discovery wafted on the wind.
Wouldn't that same logic exclude evidence from Google searches, like "how to get away with murder"?
Yes? Which makes it feel like the answer is just “No.” Unless you use Mullvad, TailsOS, and don’t log into the service. But I’m not sure if that’s “ethical” for Google/DDG searches and it’s not really possible for Claude/Kagi. I would assume that simply using a “secret” account isn't a magic way to avoid discovery either.
> if I do it to help me prepare my defense, then the exact same queries would be subject to subpoena/discovery
We need a law where someone can clearly designate a chat privileged, with severe consequences for mis-use.
>For (1) it's so wild to me that if I pay a lawyer, they can run the same queries on these tools and they are protected by attorney-client privilege, but if I do it to help me prepare my defense, then the exact same queries would be subject to subpoena/discovery.
How's this any different than any professional license? You're basically paying for preferential treatment from the state in a given subject area.
> How's this any different than any professional license? You're basically paying for preferential treatment from the state in a given subject area.
Because it's got nothing to do with the professional part? Licensing should affect their practice of law, sure, but it shouldn't grant random other privileges.
Self host your own LLM
Why do you think this would be less discoverable than hosting your own email server?
If you use a stateless client (like just rawdogging cli llama.cpp) there’s nothing to discover. Setting a program with an option to have logs to not do that could conceivably get you in trouble but using a widely used program that never had logs seems like it has to be fine. Maybe they could nail you for googling “which local llm approach generates logs?” also, don’t get nailed by your bash history!
Because you don't keep logs.
Because nobody would know about it unless you told them for some reason
2 replies →
You’d need to hand that mac mini over if subpoenaed
Can’t hand over something that doesn’t exist if it’s running in a VM container and gets destroyed every 12 hours