Terms of Service vs. Privacy Policy: Why Every Lawyer Using AI Needs to Know the Difference


5/30/2026 | 9 min read


By Angeli Fitch, AI Compliance & Ethics Attorney | 20+ Years of Trial Experience | Creator of the State Bar-Approved CLE Course "AI Ethics for Attorneys"

Why do lawyers need to read AI vendor terms of service and privacy policies?

Because those documents govern what happens to your client's confidential information — and "I didn't read the terms" has never been a defense to a Rule 1.6 violation.

When an attorney inputs client data into an AI tool, something happens to that data. It goes somewhere, it is processed by someone's systems, it may be stored, it may be used for purposes beyond the immediate task. Whether any of that is permissible under your duty of confidentiality is not determined by the vendor's reputation, the tool's popularity, or the fact that your colleagues are using it. It is determined by what the vendor's legal documents actually say — and whether you read them.

Most attorneys have not read them. This is not a minor oversight. For lawyers using AI tools on client matters, reading and understanding vendor terms is a professional responsibility obligation, not optional background reading.

What is a Terms of Service agreement, and what does it govern?

A Terms of Service agreement — sometimes called Terms of Use, a Master Service Agreement, or an End User License Agreement depending on the product and context — is the contract between you and the vendor that governs your right to use the product. It defines what you are permitted to do with the tool, what the vendor is permitted to do in connection with your use, what happens when something goes wrong, and what remedies are available to each party.

For lawyers evaluating AI tools, the provisions that matter most in a Terms of Service are not the ones about pricing or account termination. They are the ones that define the vendor's rights over the content you submit.

Most AI vendor Terms of Service include a license grant in which the user grants the vendor certain rights over the content input into the system. The scope of that license varies significantly across vendors and products. Some vendors take a broad license that permits them to use submitted content to improve their models, develop new features, or train future AI systems. Others take a narrow license limited to what is necessary to provide the service. Some enterprise agreements exclude the license grant entirely for customer data.

An attorney who has not read the Terms of Service does not know which of these applies to their use. That uncertainty is not acceptable when the content being submitted belongs to a client.

What is a Privacy Policy, and how is it different from Terms of Service?

A Privacy Policy is a separate document that describes how the vendor collects, uses, stores, shares, and protects personal information. Where the Terms of Service defines the contractual relationship between user and vendor, the Privacy Policy describes the vendor's data practices — what they do with information as a matter of policy and, in many jurisdictions, as a matter of legal obligation.

The distinction matters because the two documents answer different questions.

The Terms of Service answers: what rights does the vendor claim over the content I submit, and what am I agreeing to allow?

The Privacy Policy answers: what does the vendor actually do with data about me and my use of the product, and how is it protected?

For a lawyer using an AI tool on client matters, both questions are essential. The Terms of Service may grant the vendor a license to use submitted content. The Privacy Policy tells you whether client data is retained after a session, who within the vendor's organization can access it, whether it is shared with third parties or subprocessors, where it is stored geographically, and what security measures protect it.

Reading one without the other gives you an incomplete picture. A Privacy Policy that describes robust data protection is less meaningful if the Terms of Service grants the vendor a broad license to use your content. A Terms of Service with a narrow license grant is less meaningful if the Privacy Policy describes retention practices that keep client data in the vendor's systems indefinitely.

What specific provisions should lawyers look for in a Terms of Service?

The license grant is the most important provision for lawyers to locate and read carefully. It typically appears under headings like "Your Content," "User Content," "Licenses," or "Intellectual Property." It describes what rights you are giving the vendor over the content you submit.

Look specifically for whether the license includes the right to use your content for model training or improvement. Some vendors include this right by default and allow users to opt out. Others exclude it unless the user affirmatively opts in. Enterprise agreements frequently exclude it entirely. The difference between these scenarios is the difference between a vendor that treats your client's information as training data and one that treats it as confidential material to be used only to provide the service you are paying for.

The indemnification and liability provisions tell you who bears the risk when something goes wrong. Many AI vendor agreements limit the vendor's liability to the amount the user paid for the service — often a small monthly subscription fee — regardless of the magnitude of the harm caused by a data breach or service failure. Understanding this provision before a problem occurs is materially different from discovering it afterward.

The modification clause tells you whether the vendor can change the terms unilaterally and on what notice. Many AI vendors reserve the right to update their Terms of Service with limited notice, sometimes as little as posting revised terms on their website. An attorney who agreed to favorable terms six months ago may be operating under materially different terms today without knowing it.

The acceptable use provisions describe what you are prohibited from doing with the tool. For lawyers, these provisions occasionally include restrictions on using the service for certain categories of sensitive information — health data, financial data, information subject to regulatory protection. Violating acceptable use provisions can result in account termination, which creates its own professional responsibility issues if you are mid-matter.

What specific provisions should lawyers look for in a Privacy Policy?

Data retention is the provision that generates the most risk for attorneys who have not read it. It describes how long the vendor keeps data you submit — session data, conversation history, uploaded documents, account information — and under what circumstances it is deleted.

Some AI tools retain conversation history indefinitely unless the user actively deletes it. Others retain data for a fixed period for safety review purposes even after user deletion. Enterprise products often include data deletion on termination. Knowing what applies to your use matters because client data sitting in a vendor's systems is client data that exists outside your control and outside your firm's security perimeter.

Subprocessor disclosures identify the third parties the vendor shares your data with to provide the service. AI products routinely use subprocessors for cloud infrastructure, security services, analytics, and customer support. Each subprocessor that receives client data is a potential confidentiality exposure. Privacy policies vary significantly in how transparently they disclose subprocessor arrangements — some provide a full list with links to each subprocessor's own privacy terms, others describe categories of third parties without specifics.

Data use for model training is sometimes addressed in the Privacy Policy rather than — or in addition to — the Terms of Service. Look for both. Some vendors describe their training data practices in one document and the license for that use in the other. Reading both tells you the complete picture.

Geographic data storage matters for lawyers with clients in regulated industries or jurisdictions with data sovereignty requirements. Many AI vendors store data in the United States but may use subprocessors in other jurisdictions. For attorneys with international clients or matters involving GDPR-protected data, where data is stored and processed is a compliance question, not just a preference.

Security certifications and incident response obligations tell you what the vendor has committed to in terms of protecting your data and notifying you if something goes wrong. Look for SOC 2 Type II certification as a baseline. Look for breach notification commitments — how quickly the vendor will notify you of a security incident, and in what form. Your own breach notification obligations to clients and regulators run on tight timelines in most jurisdictions, and those timelines depend on when you receive notice from the vendor.

Do these documents change, and how does a lawyer keep up?

They change regularly, and most attorneys have no system for tracking those changes.

AI is one of the fastest-moving product categories in the technology industry. Vendors update their Terms of Service and Privacy Policies in response to new features, new regulatory requirements, competitive pressure, and strategic shifts in how they want to use customer data. A vendor that had favorable terms when you first evaluated their product may have materially different terms today.

The legal obligation does not reset to zero when the vendor updates their terms. If an attorney is using a tool on client matters, they have an ongoing obligation to understand what those terms require. A modification clause that permits unilateral updates means the attorney is responsible for monitoring those updates — not the vendor.

Practically, this means attorneys should designate a review cycle for the AI tools their firm uses — at minimum annually, and whenever a vendor announces a material update to their terms. It also means that vendor selection should include an evaluation of how transparently a vendor communicates changes to their policies. A vendor who posts a notice in a footer link is not giving you the same visibility as one who sends email notification of material changes.

What is the connection between these documents and a lawyer's duty of confidentiality?

Rule 1.6 requires attorneys to make reasonable efforts to prevent the inadvertent or unauthorized disclosure of information relating to the representation. The ABA's Formal Opinion 477R, issued in 2017 and still cited widely, established that this duty requires attorneys to apply a fact-based analysis when using technology that transmits client information — considering factors including the sensitivity of the information, the likelihood of disclosure, and the attorney's ability to evaluate the protections in place.

Reading and understanding an AI vendor's Terms of Service and Privacy Policy is not an aspirational best practice under this framework. It is the minimum required to perform the fact-based analysis Rule 1.6 demands. An attorney who cannot describe what their AI vendor does with client data has not performed that analysis.

The consequences of getting this wrong are not hypothetical. A vendor who uses client data for model training has potentially exposed that data to subsequent users of the model. A vendor with inadequate security practices may experience a breach that exposes client information. A vendor who retains data after termination may be subject to a subpoena or government request that touches information the client reasonably expected to be protected.

None of these scenarios requires bad intent on the attorney's part. Each requires only that the attorney did not read the documents that governed what happened to their client's information.

What about enterprise agreements — do they change this analysis?

Significantly, and in most cases favorably. This is one of the strongest arguments for using enterprise or business tiers of AI products rather than consumer accounts when doing legal work.

Enterprise agreements — whether through a vendor's direct enterprise offering or through a legal-specific platform built on top of an AI model — typically include provisions that consumer terms do not. These commonly include data processing agreements that comply with applicable privacy regulations, contractual commitments that customer data will not be used for model training, enhanced security obligations, subprocessor disclosure requirements, breach notification timelines, data deletion on termination, and audit rights.

These provisions exist because enterprise buyers negotiate for them. They are not always present by default — sometimes they require negotiation, and sometimes they require an attorney to ask for them specifically. But they represent a materially different risk profile than a consumer account, and for law firms doing client work on AI platforms, they are worth pursuing.

The threshold question an attorney should ask before using any AI tool on a client matter is: am I using this under terms that were designed for the kind of data I am about to submit? If the answer is a consumer Terms of Service that was written for individual users sharing their own information, and the data you are about to submit is a client's confidential legal matter, the mismatch between those two things is the risk you need to evaluate before you proceed.

What is the practical takeaway for attorneys who want to get this right?

Read the documents. Both of them. For every AI tool your firm uses on client matters.

This does not require a law review analysis of every provision. It requires locating and reading the license grant in the Terms of Service, the data retention and training practices in the Privacy Policy, and the subprocessor and security provisions that govern how client data is protected. For most tools, this takes less than an hour. The professional responsibility exposure it prevents is significantly larger than the time it costs.

If your firm has an IT department or a vendor management function, this review should be part of every AI tool approval process — not something that happens after deployment. If you are a solo practitioner or small firm attorney making these decisions on your own, build the habit now, before your practice is built around tools you have never formally evaluated.

And document your review. If a disciplinary authority or malpractice carrier ever asks what due diligence you performed before using a particular AI tool on client matters, a record of your review of the vendor's current terms is a meaningful answer. The absence of that record is not.

If you want a structured framework for evaluating AI vendor documents — what to look for, what constitutes a red flag, and how to map vendor terms to your specific professional responsibility obligations — this is exactly the kind of practical guidance I provide in my State Bar-approved CLE course, AI Ethics for Attorneys, and in my direct advisory work with law firms. [Contact me] to discuss what your firm needs.

Angeli Fitch is an AI Compliance & Ethics Attorney and trial lawyer with more than 20 years of experience. She is the creator of the California State Bar-approved CLE course "AI Ethics for Attorneys" and advises law firms and legal professionals on ethical AI adoption, compliance, and governance. She is Of Counsel at Infinity Law Group and available for speaking engagements, CLE instruction, and advisory work.
