ABA Opinion 512 says your AI use is a competence and confidentiality duty.
The American Bar Association and at least nine state bars have issued formal guidance on lawyer use of generative AI. Confidentiality, competence, supervision, and billing duties all now expressly cover AI tools.
Bar guidance and rules now in force
Each item below is already in force or has a confirmed enforcement date. Sources are named so your compliance team can verify in minutes.
ABA Formal Opinion 512
Lawyers using generative AI must understand the technology, protect client confidentiality, supervise output, communicate with clients, and bill reasonably.
Source: ABA Standing Committee on Ethics, Formal Opinion 512 (July 29, 2024)
Model Rules 1.1 (Competence) & 1.6 (Confidentiality)
Apply directly to AI tools. Comment 8 to Rule 1.1 (technology competence) is the anchor cited by every state bar opinion on AI.
Source: ABA Model Rules of Professional Conduct
State bar AI guidance (CA, NY, FL, NJ, PA, DC, VA and more)
Multiple state bars have issued formal opinions on generative AI; California (Practical Guidance, Nov 2023) and New York (Report, April 2024) are widely cited.
Source: California State Bar Practical Guidance on AI (Nov 2023); NYSBA AI Task Force Report (April 2024)
EU AI Act — General-Purpose AI & Confidentiality
Firms with EU clients or matters must consider deployer obligations and confidentiality in cross-border AI use.
Source: Regulation (EU) 2024/1689
These dates are not theoretical
Two enforcement deadlines have already passed. The next major one — EU AI Act high-risk obligations — is live below.
The Regulatory Clock Is Running
Two EU AI Act deadlines have already passed. The next — August 2, 2026 — applies to High-Risk AI across healthcare, finance, HR, education, and insurance. Full enforcement begins that date.
Source: European Commission AI Act Service Desk
Next Enforcement Deadline
2 August 2026 — High-Risk AI Full Compliance
45
Days
00
Hours
18
Minutes
09
Seconds
2 February 2025
PassedProhibited AI practices banned + AI Literacy (Article 4) obligations began.
If you have not acted, you are already non-compliant.
2 August 2025
PassedGPAI model obligations + governance infrastructure required.
If you have not acted, you are already non-compliant.
2 August 2026
NextHigh-Risk AI systems (Annex III) must be fully compliant. Article 50 Transparency rules apply. Full enforcement begins.
2 August 2027
UpcomingHigh-Risk AI embedded in regulated products (medical devices, aviation).
July 29, 2024
ABA Formal Opinion 512 issued
Defines the affirmative duties lawyers owe when using generative AI. Already cited by malpractice carriers and disciplinary boards.
Source: ABA Formal Opinion 512
Ongoing
Court orders requiring AI disclosure
Federal and state judges have issued standing orders requiring disclosure of generative AI use in filings.
Source: U.S. District Court standing orders (multiple)
August 2, 2026
EU AI Act high-risk obligations
Cross-border practice involving EU clients raises deployer obligations.
Source: EU AI Act, Article 113
The cost of getting this wrong is no longer theoretical
Real cases. Named parties. Public records. These are the precedents your board, your auditors, and your insurer will reference.
Mata v. Avianca (S.D.N.Y.)
$5,000 sanctions + public reprimand
Lawyers sanctioned for filing brief with fabricated ChatGPT citations — the now-canonical cautionary case.
Source: Mata v. Avianca, Inc., 22-cv-1461 (S.D.N.Y. June 22, 2023)
Park v. Kim (2d Cir.)
Referral to grievance committee
Second Circuit referred attorney to grievance panel for citing nonexistent AI-generated cases.
Source: Park v. Kim, 91 F.4th 610 (2d Cir. 2024)
Morgan & Morgan partner sanctions
$3,000 sanctions
Federal court sanctioned attorneys for AI-generated fictitious citations in a personal injury filing.
Source: Wadsworth v. Walmart, 1:23-cv-118 (D. Wyo. Feb 24, 2025)
Mapped to the NIST AI Risk Management Framework
Every engagement is structured around the four NIST AI RMF Core functions. Your auditors and clients already recognize this language.
NIST AI RMF — Govern
Firm AI policy aligned to ABA 512 and applicable state bar opinions; partner-level accountability.
NIST AI RMF — Map
Inventory AI tools by practice area, matter type, and client confidentiality requirements.
NIST AI RMF — Measure
Output verification protocols (cite-checking, hallucination review) with documented evidence.
NIST AI RMF — Manage
Client engagement letter language, billing standards, supervision of associates and staff use.
AI Governance & Compliance Studio
Two ways to start. One clear path forward.
Whether you need a fast read on your exposure or a deeper conversation about your governance strategy, NeuralEdge gives you a structured next step — never a sales pitch.
Free AI Readiness Snapshot
A 5-minute interactive self-assessment scored against the NIST AI RMF Core. See your readiness level immediately.
Get Your Free AI Readiness Snapshot30-Minute Compliance Review
A working session with a NeuralEdge consultant. Bring your questions, leave with a clear action list.
Book a 30-Minute Compliance ReviewFrequently asked questions
Do I need to disclose AI use to clients?
ABA Opinion 512 requires communication with clients consistent with Rule 1.4. Many state bars (and engagement letters) now treat AI disclosure as a default. We help you write defensible engagement-letter language.
What about confidentiality with public AI tools?
Inputting confidential client information into a public, non-zero-retention AI tool likely violates Rule 1.6. Your governance must define approved tools, retention settings, and prohibited inputs.
Are non-lawyer staff covered?
Yes — supervisory rules (5.1, 5.3) make partners responsible for AI use by associates and non-lawyer staff. Training and written policy are essential evidence.
Can we build this in 30 days?
A defensible policy + inventory + verification protocol + training rollout typically takes 4–6 weeks for a mid-sized firm.