THE USE OF GENERATIVE ARTIFICIAL INTELLIGENCE BY LEGAL PROFESSIONALS AND THE DUTY TO PROTECT CONFIDENTIAL DATA

Abstract

This article analyzes the legal risks arising from the use of generative artificial intelligence systems by legal professionals, focusing on the tension between the operational efficiency provided by these tools and the duty of professional confidentiality and personal data protection. Based on an understanding of the technical foundations of large language models (LLMs) and the mechanisms of data storage, retention, and reuse, the article examines how the insertion of clients’ confidential information into open AI platforms may constitute a violation of professional secrecy as established in the Statute of the Legal Profession, as well as of the data protection framework set forth by the General Data Protection Law (LGPD). The analysis explores documented cases of data exposure, the informational governance duties applicable to lawyers in their role as data controllers, and the hypotheses of civil liability arising from the negligent use of such technologies. It concludes that the responsible adoption of generative AI in legal practice requires digital competence, effective informational governance, and the genuine protection of clients as essential conditions for the ethical practice of law in the 21st century.