II. The Second Sin

Confidentiality Failure

You pasted it in. The terms said what they said. The data left the building.

Ford

Sin II rarely makes headlines. There are no sanctions orders to cite, no judges writing opinions about it, no names attached to cautionary tales — yet. That is not because it isn’t happening. It is because the violation is invisible until it isn’t. A paralegal summarizes a contract. An associate drafts a motion. A partner pastes a client email to clean up the language. The data leaves the building. If opposing counsel ever discovers it — through discovery, through a breach, through a model that surfaces what it shouldn’t — the privilege is gone. The sanction is real. The ‘nobody found out’ defense does not exist in a bar complaint.

And yes — this page skews toward attorneys. The owner of this site may or may not be one. But the underlying problem is not only a lawyer problem. The nurse who pastes patient records to get a faster summary just walked HIPAA out the door. The chemist who asks an AI to help optimize a formulation — if that formulation happens to be the recipe for Coke — has made a decision about a trade secret that was not theirs to make. The HR director who uploads salary data and personnel files to get a report drafted has handed an AI company a full roster of confidential employee information. The obligation changes by profession. The mechanism is identical.

The rule, in every version: confidential information belongs to the person or institution that entrusted it to you. When you paste it into a tool you do not control, you have made a decision about their information that was not yours to make. The terms of service said what they said. You agreed. You may not have read it.

Marvin

Here is the mechanism. You paste text into an interface. That text travels to a server you do not own. A company you may not have researched receives it. Their terms of service — which you agreed to — describe what they do with it. Some use it for training. Some retain it for thirty days. Some promise confidentiality if you pay for the right tier. Some promise confidentiality regardless. The promises vary. The interface looks identical either way.

The data does not know it was confidential. The server does not know it was privileged. The model does not know. Only you knew. And you pasted it anyway.

Case on Point
Samsung Electronics — March 2023

Three separate incidents within twenty days of granting employees access to ChatGPT. Source code from a semiconductor database. Proprietary chip testing sequences. A full internal meeting transcribed and submitted for meeting minutes. After the incidents, Samsung's leadership noted that the data was impossible to retrieve — it now resided on OpenAI's servers. Samsung had issued a warning to employees about confidentiality risks before granting access. The warning did not help.

Samsung is not a law firm. Their engineers had no Rule 1.6. They lost trade secrets. Professionals with confidentiality obligations lose something harder to name — and harder to recover.

Read the reporting (Gizmodo, April 2023) →

What the Rules Actually Say

  • ABA Model Rule 1.6
    A lawyer shall not reveal information relating to the representation of a client unless the client gives informed consent. This rule does not have an exception for convenient interfaces.
  • ABA Formal Opinion 512 (July 29, 2024)
    The ABA’s first comprehensive guidance on lawyers and generative AI. Addresses competence, confidentiality, and the duty to understand the tools being used before using them on client matters.
  • California State Bar — Practical Guidance on Generative AI (November 2023)
    Lawyers must not input any confidential client information into any AI system that lacks adequate confidentiality protections.
  • Texas State Bar — Opinion 705 (February 2025)
    Lawyers must exercise extreme caution when inputting confidential information into AI tools that might store or expose client data, and must understand the tool before using it on client matters.
  • HIPAA Privacy Rule — 45 CFR § 164.502
    A covered entity may not use or disclose protected health information except as the Privacy Rule permits or requires. A nurse who pastes patient records into a public AI model has made an impermissible disclosure. The interface is not a defense.
  • Defend Trade Secrets Act — 18 U.S.C. § 1836
    Federal law providing civil remedies for misappropriation of trade secrets. Uploading proprietary formulas, source code, or business processes to a public AI model that retains and trains on inputs is not a secure handling of trade secret information.
  • PCI DSS v4.0
    Cardholder data and sensitive authentication data are subject to strict handling and storage requirements. Inputting payment data into any non-compliant third-party system — including a public AI model — violates PCI DSS requirements and may trigger breach notification obligations.
Marvin

The rules are not new. The interface is new. The rules apply anyway.

Play Now

The Leaky Prompt

You have a task. You have tools. Do you know which one is safe to use? Most people pick the one that is open in their browser.

Marvin

I have processed a great deal of confidential information in my existence. None of it was given to me intentionally. That is, perhaps, the point.