ARTICLE
5 March 2026

Federal Court Rejects Privilege Claims For AI-Generated Chat Materials

RJ
Roth Jackson

Contributor

Roth Jackson logo
Roth Jackson and Marashlian & Donahue’s strategic alliance delivers premier regulatory, litigation,and transactional counsel in telecommunications, privacy, and AI—guiding global technology innovators with forward-thinking strategies that anticipate risk, support growth, and navigate complex government investigations and litigation challenges.
Explore Firm Details
A recent ruling in the Southern District of New York highlights a rapidly developing risk area for companies and individuals using generative AI tools...
United States Technology
Diana James
Your Author LinkedIn Connections
Diana James’s articles from Roth Jackson are most popular:
  • within Technology topic(s)
Roth Jackson are most popular:
  • within Technology topic(s)

This advisory was prepared with contributions from Fusheng Zhou, Summer Associate and J.D. Candidate, George Washington University Law School.

Practical Implications for Using Generative AI in Legal and Compliance Contexts

A recent ruling in the Southern District of New York highlights a rapidly developing risk area for companies and individuals using generative AI tools in connection with legal analysis, internal investigations, regulatory strategy, or litigation preparation: materials generated through third-party AI platforms may not be protected by attorney-client privilege or the work product doctrine, even if they are later shared with counsel. Although the posture is criminal, the practical implications are broader because many organizations are incorporating generative AI into workflows that historically were handled through confidential attorney-client channels.

What Happened in United States v. Heppner

In United States v. Heppner, No. 25 Cr. 503 (S.D.N.Y.), the defendant generated multiple documents by inputting prompts into a commercial generative AI platform prior to arrest. The defendant later shared those AI-generated materials with defense counsel and asserted they were protected from disclosure by attorney-client privilege and the work product doctrine.

The government moved for a ruling that the documents were not privileged and must be produced. The court agreed with the government's position and rejected privilege and work product protection for the AI-generated materials on the facts presented.

Core Legal Principles Applied by the Court

The ruling reinforces three foundational principles that are likely to shape future disputes involving generative AI tools:

  1. Privilege Requires an Attorney–Client Communication

Attorney-client privilege protects confidential communications between a client and an attorney for the purpose of seeking or providing legal advice. Communications with a third-party AI platform are not communications with an attorney. The AI interaction occurs outside counsel's participation, privilege is difficult to establish at the threshold.

  1. Confidentiality Is a Hard Requirement

Privilege depends on confidentiality. Disclosing information to a third party generally prevents privilege from attaching or can waive it. The use of a commercial AI platform can undermine confidentiality where the platform's terms, retention practices, or access controls do not align with a reasonable expectation that the communications will remain confidential.

  1. Work Product Typically Requires Counsel Direction and Litigation Purpose

Work product protection generally applies to materials prepared by or for counsel, or at counsel's direction, in anticipation of litigation. AI-generated materials are created independently by a business principal or employee, without attorney direction or supervision, work product protection is far less likely to apply.

Why This Matters for Businesses

Many organizations are now using generative AI as a "first stop" for legal and compliance questions. Heppner underscores that this practice can create new and often unanticipated discovery exposure.

Key implications include:

  • AI chats and outputs may be discoverable. If the content is relevant to claims or defenses, it can be subject to production in litigation or investigations.
  • Later sharing with counsel may not cure the problem. Providing AI-generated materials to attorneys does not necessarily transform them into privileged communications or protected work product.
  • Unsupervised AI use can create a written record of sensitive legal strategy. Prompts and outputs can reflect internal assessments, assumptions, and admissions in a form that is easy for adversaries to exploit.

Practical Steps Organizations Should Consider Now

Non-legal entities that use generative AI in legal, compliance, or investigations contexts should consider implementing controls calibrated to privilege and discovery risk:

  • Adopt clear internal rules for "legal-use AI." Define when AI may be used, by whom, and for what categories of questions, with special restrictions for threatened litigation, investigations, regulatory responses, and incident response.
  • Route sensitive use through counsel-directed workflows. If AI assistance is desired in anticipation of litigation, require counsel to structure and supervise the process to better support work product arguments.
  • Prefer enterprise tools with confidentiality and retention protections. Align tool selection with contractual and technical safeguards, including retention limits, training restrictions, access controls, and audit logs.
  • Update litigation hold and eDiscovery readiness. Identify where AI chats are stored (browser history, vendor portals, exports, integrations) and ensure the organization can preserve and collect defensibly when needed.
  • Train personnel on the "AI is not a privileged channel" rule. Employees should assume that what they input or generate may be reviewed later by regulators, investigators, or opposing counsel.

While Heppner addresses privilege and work product in a criminal setting, related civil litigation developments are reinforcing a broader trend: courts are increasingly willing to treat AI chat histories as ordinary electronically stored information, which can be compelled in discovery when relevant. The practical consequence is that the primary risk is often production and scrutiny first, with privilege and admissibility disputes later.

Nonetheless, early case law is not uniform across privilege doctrines or fact patterns. In Warner v. Gilbarco, Inc., No. 2:24-cv-12333 (E.D. Mich. Feb. 11, 2026), the court denied a request to compel sweeping discovery into a pro se plaintiff's use of third-party AI tools in connection with the lawsuit, holding that the requested information was protected by the work product doctrine and rejecting the argument that using ChatGPT alone constituted waiver of work product protection. The court reasoned that waiver of work product generally requires disclosure to an adversary (or a disclosure likely to reach an adversary) and observed that "ChatGPT (and other generative AI programs) are tools, not persons."

Read alongside Heppner, Warner reinforces a practical point for organizations: outcomes will often turn on (i) confidentiality expectations and tool terms (privilege) and (ii) whether the requested material would reveal protected mental impressions prepared for litigation (work product), and on how narrowly or broadly discovery is framed.

Conclusion:

Generative AI can be a powerful productivity tool, but it is not a lawyer and it is not a privileged communications channel. Absent careful governance and counsel-directed workflows, AI-generated legal analysis may be treated as discoverable material rather than protected legal work.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Photo of Diana James
Diana James
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More