Advanta is currently undergoing final system calibration ahead of launch. Selected infrastructure and experiences may still be in active refinement.

advanta

HomeModule Library

P4

Client Disclosure and Consent Guidelines

·

1–2 hours per new matter; 30 minutes per material AI change

Client Disclosure and Consent Guidelines for AI Use

Module Guide

Purpose

These Client Disclosure and Consent Guidelines give legal departments a structured, defensible way to communicate with clients about AI use. The Module covers the full disclosure lifecycle: scenario-based risk assessment, template selection, informed consent, billing transparency, change notifications, and specialised sector and cross-border situations. Every executed consent form and disclosure letter is treated as a DPS Defensibility evidence record.

When to Use It

  • Blueprint Stage: Pillar 4 — Governance, Risk & Defensible AI (ethical compliance)
  • Frequency: Every client engagement; whenever AI usage changes, expands, or a new tool is deployed
  • Audience: General Counsel, Legal Operations Lead, Practicing Attorneys, Client Relations
  • Context: Client engagement, consent procedures, billing transparency, risk management

Ecosystem Dependencies

| Dependency | Relationship |

|—|—|

| GOV-02 AI Use Policy | Must be adopted before disclosure procedures can be finalised — defines internal AI governance basis for client communications |

| GOV-04 Bias Testing & Monitoring Checklist | Results inform high-risk disclosure language, particularly for Class 3 (Bias) concerns |

| DAT-03 Data Processing Agreement | Executed DPA is a gate for any high-risk AI engagement where client data is processed |

| VEN-04 Security & Compliance Checklist | Vendor compliance score informs what can be asserted in client security disclosures |

| STR-07 AI Task Force Charter | AI Task Force reviews complex or ambiguous disclosure situations and serves as escalation authority |

How to Use It

  1. Risk Assessment: Evaluate AI tools using the Disclosure Scenario Framework (Section 2) to determine the required disclosure level.
  2. Template Selection: Select the appropriate template from Section 3 based on scenario.
  3. Metric 0 check: Confirm AI BoM entry exists for all tools being disclosed before proceeding.
  4. Client Communication: Present clear, specific information about AI use and benefits.
  5. Consent Documentation: Obtain and document client consent per Section 4 procedures.
  6. Ongoing Disclosure: Update clients about changes in AI usage, new tools, or Agentic Tier upgrades.
  7. DPS Record Retention: File all executed disclosure and consent records per Section 4 retention schedule.

Best Practices

  • Use clear, understandable language — avoid technical jargon and unnecessary legal terms.
  • Provide specific information about AI tools and applications (supported by AI BoM entries).
  • Allow adequate time for client questions and decision-making.
  • Document all disclosures, client responses, and consent decisions.
  • Never assert AI capabilities that have not been verified through VEN-04 assessment.
  • Do not use statistics or performance claims unless drawn from DPS-grade evidence.
  • Treat every executed consent form as a DPS Defensibility evidence record.

---

Metric 0 Pre-Check

Before initiating any client disclosure process, confirm all gates are met:

| # | Gate | Required |

|—|—|—|

| M0.1 | GOV-02 AI Use Policy adopted — provides governance basis for all client AI disclosures | Mandatory |

| M0.2 | AI BoM entry exists for each AI tool to be disclosed to the client | Mandatory |

| M0.3 | VEN-04 compliance assessment completed for any vendor tool referenced in disclosure | Mandatory for high-risk scenarios |

| M0.4 | DAT-03 DPA executed where client data will be processed by AI tool | Mandatory for Scenarios 2–4 and Agentic Tier |

| M0.5 | GOV-04 bias testing completed for any AI tool used in client-facing matter work | Required for Scenarios 3–4 and Agentic Tier |

Gate rule: All mandatory gates must be satisfied before distributing any client disclosure. For Agentic Tier (Level 4) AI tools, all five gates are mandatory.

---

Section 1: Legal and Ethical Framework

ABA Formal Opinion 512 — Core Requirements

ABA Formal Opinion 512 (2023) establishes that attorneys using generative AI tools in client matters must:

  1. Competence (Rule 1.1): Understand the capabilities and limitations of AI tools used; maintain current knowledge of AI developments relevant to practice.
  2. Communication (Rule 1.4): Inform clients about material AI use, particularly where AI output directly influences legal advice or work product.
  3. Confidentiality (Rule 1.6): Ensure client information is not used to train AI models without informed consent; verify data protection protocols with all vendors.
  4. Supervisory Obligations (Rule 5.3): Supervise AI tools and the work of non-lawyers using AI; attorneys remain responsible for all AI-assisted work product.
  5. Fees (Rule 1.5): Disclose when AI use materially affects billing; distinguish between efficiency gains that benefit the client and additional AI costs passed on.

Risk Taxonomy 2026 Cross-Walk

This Module addresses client disclosure obligations arising from five primary risk classes:

| Risk Class | Disclosure Obligation |

|—|—|

| Class 2: Privilege and Confidentiality | Disclosure of data handling practices, confidentiality controls, and whether client information may be used to train AI models; Model Rule 1.6 compliance |

| Class 3: Bias and Fairness | Disclosure that AI tools have known limitations and biases; attorney review gate assurance; GOV-04 bias testing completion |

| Class 4: Privacy and Data Protection | GDPR, HIPAA, FINRA, CCPA compliance disclosures; sub-processor transparency; data residency communication |

| Class 7: Regulatory Compliance Drift | Disclosure when AI tools are used in regulated practice areas (healthcare, financial services, IP); ABA Model Rules compliance assurance |

| Class 8: IP and Licensing | Disclosure of copyright, training data, and output ownership issues when AI tools generate work product |

Communication Duty — Model Rule 1.4

Model Rule 1.4 requires attorneys to keep clients reasonably informed and to explain matters sufficiently for clients to make informed decisions. In the AI context, this requires:

  • Disclosure when AI tools are used in a matter in a way that is material to the representation.
  • Explanation of the type of AI used (document review, drafting, research, autonomous task completion).
  • Explanation of how attorney oversight is maintained.
  • Notification of any material changes in AI tool use during the engagement.

Confidentiality Obligations — Model Rule 1.6

Model Rule 1.6 protects client confidential information. AI-specific confidentiality obligations include:

  • Verifying that AI vendor agreements prohibit use of client data for model training (VEN-04 gate).
  • Disclosing any data residency limitations or cross-border data transfer requirements (DAT-03).
  • Obtaining explicit consent where client data will be processed by third-party AI vendors.
  • Documenting confidentiality protocols in client-facing disclosures.

Billing Transparency Requirements

Attorneys must disclose when AI use affects fees. Required disclosures include:

  • Whether AI tool costs are billed to the client or absorbed by the firm.
  • How efficiency gains affect time-based billing (benefit passed to client or absorbed by firm).
  • Any AI usage fees charged separately.
  • Changes in billing methodology resulting from AI implementation.

Key Takeaways

  • Classify AI use into five disclosure scenarios, from no client data to Agentic Tier autonomous tools.

  • Use Metric 0 gates to confirm governance, vendor, and data protection prerequisites before any disclosure.

  • Embed standard and enhanced AI clauses into engagement letters based on scenario and risk.

  • Obtain and retain signed informed consent for high-risk and Agentic Tier AI use as DPS evidence.

  • Disclose clearly how AI affects billing, including efficiency gains and any pass-through AI fees.

  • Issue change notifications whenever AI tools, risk profile, or Agentic Tier status materially change.

  • Apply specialised disclosure language for healthcare, financial services, IP, and cross-border matters.

Get This Module

This module is available as part of an Advanta Advisory engagement.

Explore Advisory

Module Details

Type

Pillar

P4

Duration

1–2 hours per new matter; 30 minutes per material AI change

Related Resources

P4 · GovernanceModule Library →Take the Maturity Diagnostic →

Share this module

ADVISORY

Need help implementing this — and the 49 modules around it?

Advanta Advisory works with legal departments to deploy the full Legal AI OS framework — governance design, implementation roadmap, and team capability — structured around your maturity baseline.

Explore Advisory →Run the Diagnostic first
← Back to Module Library