Offline vs. cloud legal AI: which is safe for client confidentiality?
Every legal-AI tool makes the same promise — save time on documents — but they split into two very different camps on the question that actually matters for a lawyer: where does your client's data go?
How cloud AI handles your data
When you paste a document into a cloud AI tool or upload it to a web app, it travels to the provider's servers. There, three things can happen depending on the terms of service: the data may be retained for some period, it may be accessible to the provider's staff or subprocessors, and it may be used to train future models. Reputable legal-AI vendors offer protections — zero-retention agreements, no-training commitments, business associate agreements — but the burden is on you to confirm them, and to keep confirming as terms change.
How on-device AI handles your data
On-device AI runs the model on your own hardware. The document is read, summarized, and analyzed locally; nothing is transmitted. There is no vendor server holding the file, no terms of service to monitor, no subprocessor list to vet. If your laptop is offline, it still works. The confidentiality question — "could this data be disclosed to someone outside the representation?" — answers itself: no, because it never left your machine.
A framework for evaluating any AI tool
Whatever a tool is called, ask these five questions in order:
- Does my client's document leave my computer? If no, you've eliminated the biggest risk and can stop worrying about the next four. If yes, keep going.
- Is the data retained, and for how long? Look for zero or short retention.
- Is it used to train models? You want a clear "no."
- Who can access it? Employees, subprocessors, law enforcement on request?
- Is there a contract that binds them? A BAA or enterprise data-protection agreement, not just a marketing claim.
Notice that on-device tools let you stop at question one. That simplicity is the point — it's far easier to defend "the data never left my laptop" than to monitor a vendor's evolving data practices.
The honest trade-off
Cloud AI isn't evil, and on-device AI isn't magic. Cloud models can be larger and faster, which helps for open-ended legal research and long-form drafting. On-device models are smaller but increasingly capable, and they're more than enough for the document work most solos need: organizing files, summarizing documents, building chronologies, and extracting deadlines.
A sensible split for a solo practice: use on-device tools for anything touching confidential client files, and reserve cloud tools for non-confidential, general tasks. That's the design philosophy behind ClerkSafe — the confidential, document-heavy first pass on a matter happens entirely on your machine, so confidentiality is never a judgment call.
ClerkSafe keeps it all on your computer.
Organize, summarize, and docket a new matter in minutes — with nothing uploaded. First 3 matters free, then a one-time $249.
Get early access →Frequently asked questions
Is cloud legal AI safe to use?
Cloud legal AI can be used responsibly, but it requires diligence: read the terms, confirm data isn't retained or used for training, check for a BAA or zero-retention agreement, and often obtain client consent. The risk is that your client's documents sit on a third party's servers.
What does on-device or offline AI mean?
On-device (offline) AI runs the AI model on your own computer. Your documents are processed locally and never uploaded. There is no vendor server holding your client data, which removes the main confidentiality risk.
Which is better for a solo attorney?
For confidentiality, on-device AI is simpler and safer because there's no third party to vet or trust. Cloud AI can offer more horsepower for research and drafting. Many solos use on-device tools for confidential document work and reserve cloud tools for non-confidential tasks.