How much revenue can IntelliBill recover for my law firm?

IntelliBill recovers an average of $47,000 per attorney annually by capturing unbilled time, optimizing rates, and identifying billing leakage.

Does IntelliBill integrate with my practice management software?

Yes, IntelliBill integrates with Clio, MyCase, PracticePanther, and other major practice management systems. Setup takes under 15 minutes.

Is my client data secure with IntelliBill?

Yes. IntelliBill uses AES-256 encryption and SOC 2 Type II compliance. We never store raw client data.

How does AI-powered legal billing work?

IntelliBill AI analyzes time entries, identifies under-billing patterns, suggests optimal rates, and flags entries at risk of write-off.

ABA Model Rule 1.6 in the Age of AI: What "Reasonable Efforts" Means for Legal Tech

2025-12-20

ABA Model Rule 1.6 in the Age of AI: What "Reasonable Efforts" Means for Legal Tech

Quick Answer: ABA Model Rule 1.6(c) requires attorneys to make "reasonable efforts" to protect client confidentiality. For AI billing tools, this means understanding where data is transmitted, who can access it, and whether third-party processing creates privilege waiver risk—not simply relying on vendor security certifications.

Introduction

ABA Model Rule 1.6(c) requires attorneys to "make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client."

For decades, this meant locking file cabinets and shredding documents.

Today, it means understanding exactly where your AI tools send client data—and whether that transmission creates privilege risk.

The Technology Competence Mandate

In 2012, the ABA added Comment 8 to Model Rule 1.1, requiring attorneys to maintain competence in "the benefits and risks associated with relevant technology."

This isn't optional guidance. It's a professional obligation.

When you use AI billing software that processes client emails on third-party servers, Comment 8 requires you to understand:

Where that data goes
Who can access it
How long it's retained
Whether it creates privilege waiver risk

"I didn't know" is not a defense.

What Counts as "Reasonable Efforts"?

ABA Formal Opinion 477R (2017) provides guidance on what "reasonable efforts" look like in the context of technology:

Factor 1: Sensitivity of the Information

Family law matters involving custody, criminal defense communications, M&A deal terms—these require heightened protection.

If you're handling sensitive matters and using AI tools that transmit data to third-party clouds, you need to document why that's a reasonable choice.

Factor 2: Likelihood of Disclosure

Cloud-based AI tools create multiple potential disclosure points:
- The vendor's servers
- The AI provider's infrastructure (OpenAI, Azure, Anthropic)
- Backup and disaster recovery systems
- Subpoena exposure in litigation

Each additional party increases disclosure likelihood.

Factor 3: Cost of Safeguards vs. Adverse Consequences

The malpractice claim from a privilege waiver could cost $75,000-$250,000 to defend.

The premium increase could add $3,000-$12,000 annually.

Compare that to the cost difference between cloud AI ($99-150/month) and local AI ($49-299/month).

The math favors caution.

Factor 4: Difficulty of Implementation

"It's too hard to set up" isn't a valid excuse under Rule 1.6.

Modern local AI tools like IntelliBill require minimal technical setup—often just a 20-minute installation on a standard laptop.

The Third-Party Disclosure Problem

Here's where most attorneys get tripped up:

Rule 1.6 protects against unauthorized disclosure. But what if you authorize a vendor to process your data?

When you click "I Agree" on a cloud AI tool's terms of service, you're authorizing data transmission to their servers. Under traditional privilege doctrine, this voluntary disclosure to a third party may waive privilege—even if the vendor promises confidentiality.

The "necessary agent" exception (the Kovel doctrine) may protect some technology vendors. But the exception has limits:

The vendor must be "necessary" for the representation
AI billing is arguably convenient, not necessary
Sub-processors (like OpenAI) add layers of complexity

What "Reasonable Efforts" Look Like in 2025

Based on current ethics guidance and developing case law, here's what reasonable efforts should include:

1. Vendor Due Diligence

Before adopting any AI tool, review:
- Terms of Service (not the marketing page)
- Privacy Policy (especially data retention and third-party sharing)
- Data Processing Agreement (if available)
- Security certifications (SOC 2, ISO 27001—but understand their limits)

2. Data Flow Mapping

Know exactly where client data goes. Ask vendors:
- Where are servers located?
- Do you use third-party AI providers (OpenAI, Azure, Anthropic)?
- What data is retained after processing?
- Can you respond to subpoenas for client data?

3. Client Disclosure

Consider adding technology disclosures to engagement letters:

"Our firm uses technology tools to enhance efficiency, including artificial intelligence software. We select vendors with strong security practices. By signing this engagement letter, you acknowledge this disclosure."

4. Local Processing Alternatives

For matters requiring maximum confidentiality, consider tools that process data locally:
- No third-party cloud transmission
- No subpoena exposure to vendor servers
- Data stays under your direct control

The IntelliBill Approach

We built IntelliBill specifically to satisfy the "reasonable efforts" standard without compromise:

Local Processing: AI runs on your device or your office server. Client data never touches third-party clouds.

No OpenAI/Azure/Anthropic: We use Ollama with Llama models that run entirely locally. No API calls to external AI providers.

Your Infrastructure, Your Control: Even our "hosted" option keeps AI processing isolated to your dedicated instance.

This isn't just marketing—it's the architecture that Rule 1.6 demands.

Action Steps

Audit your current AI tools. Where does data go? Read the ToS.
Document your reasoning. If you use cloud AI, document why you believe it satisfies "reasonable efforts."
Update engagement letters. Disclose AI use to clients.
Consider local alternatives. For sensitive matters, tools with local processing eliminate third-party risk.
Download our compliance guide. 18 pages of practical guidance on AI billing and privilege risk.

[Download the Free Guide: The Hidden Privilege Risk in AI Billing Software →]

Conclusion

"Reasonable efforts" isn't a fixed standard—it evolves with technology and client expectations.

In 2025, reasonable efforts means understanding that "SOC 2 certified" and "encrypted in transit" don't address privilege waiver. It means asking vendors hard questions about data flows. And for sensitive matters, it may mean choosing tools that keep data under your direct control.

The attorneys who take this seriously now will avoid the malpractice claims and ethics complaints that are coming for those who don't.

This article is for informational purposes only and does not constitute legal advice. Consult your state bar ethics hotline for jurisdiction-specific guidance.

ATTORNEY ADVERTISING

Comments

No comments yet. Be the first to comment!

ABA Model Rule 1.6 in the Age of AI: What "Reasonable Efforts" Means for Legal Tech

ABA Model Rule 1.6 in the Age of AI: What "Reasonable Efforts" Means for Legal Tech

Introduction

The Technology Competence Mandate

What Counts as "Reasonable Efforts"?

Factor 1: Sensitivity of the Information

Factor 2: Likelihood of Disclosure

Factor 3: Cost of Safeguards vs. Adverse Consequences

Factor 4: Difficulty of Implementation

The Third-Party Disclosure Problem

What "Reasonable Efforts" Look Like in 2025

1. Vendor Due Diligence

2. Data Flow Mapping

3. Client Disclosure

4. Local Processing Alternatives

The IntelliBill Approach

Action Steps

Conclusion

Related Articles

Comments

Stay Updated