Claude for Legal and Privilege: How ANZ Firms Keep Client Matters Protected

The first question most ANZ partners ask about legal AI is not what it can do. It is whether using it puts client confidentiality or legal professional privilege at risk. This guide sets out how a governed Claude for Legal deployment protects privileged and confidential material.

Does using AI break legal professional privilege?

Using AI does not automatically waive legal professional privilege, but an ungoverned deployment can create real risk. Legal professional privilege protects confidential communications between a lawyer and client made for the purpose of legal advice, and that protection depends on confidentiality being maintained. Courts have signalled that AI tool interactions are not automatically privileged and the ANZ position has not fully settled, so confidentiality must be actively preserved.

The practical risk is not the model itself. It is sending privileged material through an unapproved tool, with no record of what was shared and no control over where it went.

How does Claude for Legal handle confidential client matters?

Claude for Legal handles confidential matters within Anthropic's enterprise data handling framework, under which client matter content is not used to train future models (Source: Anthropic Enterprise Terms, May 2026). That is the baseline for an ANZ firm, not the ceiling. A governed activation adds firm specific controls on top.

Those controls decide which matters the system can reach, what is checked before submission, and what is logged. The firm, not the tool, sets the boundary.

Where is client data stored when an ANZ firm uses Claude?

Data residency is configurable, and a governed ANZ deployment is set to Australian endpoints so matter content does not transit offshore. This matters under the Australian Privacy Act, where cross border transfer of personal information carries specific obligations. Buyers and clients increasingly ask for a clear data residency answer before any evaluation proceeds.

Confirming residency early removes the most common procurement blocker. A vendor or deployment that cannot answer it cleanly is usually filtered out before the technical review.

What is a privilege classification step and why does it matter?

A privilege classification step is a checkpoint, run before any document reaches the model, where the supervising lawyer decides whether sensitive material should be submitted at all. It puts a human decision in front of the most sensitive content rather than relying on the tool to get it right. This keeps the privilege judgement where it belongs, with the lawyer.

In practice the step flags matters or document types that need review, so routine work flows through while sensitive items pause for a decision. It is a control, not a bottleneck.

How do ethical walls work with a legal AI deployment?

Ethical walls, the barriers that stop one team accessing another team's matter where there is a conflict, are enforced in the deployment rather than left to trust. The agent does not surface matter content across a wall, and for firms running conflict systems such as IntApp, conflict status can be checked before document retrieval is triggered. The wall that exists in your matter management is mirrored in the AI layer.

This means adopting AI does not quietly widen who can see what. The access model follows your existing conflict and confidentiality rules.

What audit trail should a firm keep for AI assisted work?

A firm should keep a record of every document submitted to the model and every output generated, tied to the matter and the supervising lawyer. This lets a partner demonstrate oversight if a client or regulator asks how AI was used on a matter. Without that trail, the firm cannot evidence the supervision it is relying on.

The audit trail also supports the firm's own quality control. It shows what was reviewed by a human before anything went to a client.

Does Claude for Legal train on our client data?

No. Under Anthropic's enterprise terms, client matter content submitted to Claude for Legal is not used to train future models (Source: Anthropic Enterprise Terms, May 2026). This is a core reason enterprise terms, rather than consumer tools, are the right basis for legal work.

A governed activation also documents this position in the firm's own acceptable use policy. That way the answer is written down, not assumed.

What governance does a firm need before AI touches client matters?

A firm needs a documented acceptable use policy, a privilege framework, a data residency position, and partner sign off, in place before AI touches client matters. Most firms that stall do so because they deployed a tool without any of these, then had to pause. Putting the framework first is faster overall, not slower.

The governance work is also where regulatory obligations are addressed, including APRA CPS 230 operational resilience for regulated entities and the Privacy Act. This is covered further in the AI governance guide for Australian businesses.

How does David and Goliath protect privilege during activation?

David and Goliath builds the privilege and confidentiality controls into the activation as a dedicated governance module, signed off by a partner before any client document enters the system unsupervised. Data residency, the privilege classification step, ethical wall enforcement, and the audit trail are configured as part of the deployment, not added later. The framework is documented so the firm can show its work.

The full programme is set out on the Claude Activation for legal page, and the deployment mechanics are in the complete Claude for Legal guide. Book a call to scope a governed activation for your firm.