The Times of Claw

Local-First Legal Software: Client Privilege in the AI Era

Attorney-client privilege extends to how you store client data. Cloud CRM for law firms raises ethics questions that local-first software resolves by design.

Mark Rachapoom

Attorney-client privilege is one of the oldest and most fundamental protections in the legal system. It exists because clients must be able to communicate candidly with their attorneys, and that candor requires confidence that communications won't be disclosed to adversaries. For centuries, protecting privilege meant physical security: lock the files, control who enters the office, keep documents away from opposing counsel.

In the era of cloud software, protecting privilege requires understanding something attorneys didn't have to consider before: who can access data stored in the software you use every day.

Attorney-Client Privilege and Cloud Storage

The ABA's Model Rule 1.6 requires lawyers to make reasonable efforts to prevent the inadvertent disclosure of client information. State bar associations have applied this rule to cloud storage in various formal ethics opinions.

The core question for cloud CRM: when you store client contact information, matter notes, relationship history, and communication logs in a cloud system, you're creating a situation where a third party — the software vendor — technically has the ability to access that information. Does that violate the confidentiality obligation?

Most ethics opinions (including ABA Formal Opinion 477R and state equivalents) reach a practical middle ground: cloud storage can be appropriate if lawyers take reasonable precautions, understand the vendor's security practices, have a sound basis for believing the vendor will maintain confidentiality, and implement safeguards proportionate to the sensitivity of the information.

"Reasonable precautions" and "proportionate safeguards" are where the analysis gets practical. And for many law firms, the most reasonable precaution available is using software that doesn't send client data to a third party at all.

What Your CRM Knows About Your Clients

Law firm CRM doesn't just contain basic contact information. It contains:

  • Who your clients are: The fact that a particular company or individual is your client can itself be privileged (under the matter-of-common-knowledge exception, the identity may or may not be privileged, but many attorneys treat it as sensitive)
  • What matters you're working on: Deal structure, litigation strategy, regulatory investigations — even categories reveal information
  • Who you're communicating with: When, how often, about what
  • Relationship history: Notes from calls and meetings, action items, follow-ups
  • Matter-level notes: Even summarized notes about client matters that appear in CRM fields

An opposing party's discovery request, or a subpoena to your CRM vendor, could expose information that a privilege log might cover if the documents were in your files. The CRM metadata (who you're working with, what you're working on, when you communicated) can be surprisingly revealing about strategy and relationships.

The AI Dimension

The introduction of AI into CRM creates a new privilege consideration that didn't exist five years ago.

When you ask an AI to summarize your client relationship, draft a follow-up to a client email, or analyze your pipeline — and that query is sent to an external AI API — you're transmitting client information to a third party. Depending on how the AI vendor handles the data (logging, review, training), this could constitute disclosure.

Most sophisticated cloud CRM vendors and AI providers have enterprise privacy agreements that limit this risk. But "limit" is not "eliminate." The data travels. The logs exist somewhere. The terms of service govern what happens, and they change.

With local-first software and local AI models, the client information stays on your machine. The AI inference happens locally. No data leaves your infrastructure to external APIs when you're querying sensitive client matters.

State Bar Ethics on Cloud Software

Most state bar ethics opinions on cloud storage reach pragmatic conclusions: cloud is permissible with appropriate due diligence and safeguards. But the opinions consistently identify specific concerns:

  • The lawyer must understand what the vendor does with the data
  • The lawyer must have contractual protections (confidentiality, notification of breach, data portability)
  • The lawyer must evaluate the vendor's security practices
  • Encryption and access controls must be in place

Local-first software satisfies all of these by architecture. You know what happens to the data: it stays on your machine. You don't need contractual protections from a vendor because there's no vendor with your data. Encryption is your OS-level full-disk encryption and access controls are your machine's access controls, so both depend on you enabling and maintaining them.

The ethics analysis for local-first software is simpler precisely because the third-party risk that ethics opinions are concerned about doesn't exist.

DenchClaw for Law Firm CRM

DenchClaw for a law firm would typically include:

Matter tracking: Each client matter as an entry, linked to the client (person or company) and the responsible attorney. Track matter stage, key dates, associated documents.

Client relationship history: Communication log, relationship health, last contact date. For business development purposes, track contacts at client companies and prospects.

Business development pipeline: Prospect tracking, proposal status, referral sources. Law firm BD functions like a sales pipeline but with different sensitivity considerations.

Document links: DenchClaw's entry documents let you attach notes and drafts to matter or client entries, all stored locally.

Contact management: Client contacts, opposing counsel (carefully managed), expert witnesses, co-counsel, referral sources, bar association contacts.

Custom fields: Practice-specific fields for your firm — practice area, jurisdiction, billing partner, originating attorney.

Because all of this is stored locally in DuckDB on your own machines, the privilege and confidentiality analysis is simple.

Practical Confidentiality Configuration

For a law firm deploying DenchClaw with client privilege in mind:

Machine security: Enable FileVault or BitLocker. Strong passwords. Auto-lock after 5 minutes. Client data encrypted at rest.

Network security: If multiple attorneys access a shared DenchClaw instance, access it over your secure internal network or a VPN, never over the public internet without encryption.

AI configuration: For any AI features involving client matter information, configure a local model (Ollama). Reserve external AI APIs for research on public information.

Access logging: Maintain records of who has access to the machine running DenchClaw as part of your data governance documentation.

Backup confidentiality: Encrypt backups. If using cloud backup for the DenchClaw workspace, use zero-knowledge cloud backup or encrypt before upload.

Matter closure: Document your retention policy for closed matters. DenchClaw's local storage means you control the retention schedule and can actually delete records when retention periods expire.
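One way to enforce the "AI configuration" item above, as an added example that is not DenchClaw's own code: a routing guard that lets prompts containing client matter data go only to a model endpoint on the loopback interface. The function names, the external URL placeholder, and the assumption that Ollama listens on its default local address are illustrative.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Assumption: Ollama listening on its default local address and port.
LOCAL_MODEL_URL = "http://127.0.0.1:11434/api/generate"
# Constructed placeholder for an external AI API (public-information research only).
EXTERNAL_API_URL = "https://ai-api.example.invalid/v1/generate"


def is_loopback_endpoint(url: str) -> bool:
    """True only if every address behind the URL's host is a loopback address."""
    try:
        parts = urlsplit(url)
        host = parts.hostname  # ignores any "user@" prefix used to disguise the host
    except ValueError:
        return False
    if parts.scheme not in ("http", "https") or not host:
        return False
    try:
        addrs = {ipaddress.ip_address(host)}  # IP literal: no DNS lookup needed
    except ValueError:
        try:
            infos = socket.getaddrinfo(host, None)
        except (OSError, UnicodeError):
            return False  # fail closed when the name cannot be resolved
        addrs = {ipaddress.ip_address(i[4][0].split("%")[0]) for i in infos}
    return bool(addrs) and all(a.is_loopback for a in addrs)


def choose_endpoint(contains_client_data: bool,
                    local_url: str = LOCAL_MODEL_URL,
                    external_url: str = EXTERNAL_API_URL) -> str:
    """Route a prompt: client matter data may only go to a loopback model."""
    if not contains_client_data:
        return external_url
    if not is_loopback_endpoint(local_url):
        raise PermissionError(f"client data blocked: {local_url} is not local")
    return local_url


if __name__ == "__main__":
    print(choose_endpoint(contains_client_data=True))
    print(choose_endpoint(contains_client_data=False))
    print(is_loopback_endpoint("https://127.0.0.1@203.0.113.7/v1"))  # disguised host
```

Configure the local endpoint as an IP literal where possible, since a hostname is resolved again at connection time and could then point somewhere else.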

Comparison: Cloud vs Local-First for Law Firm CRM

| Factor | Cloud CRM (Salesforce, HubSpot) | DenchClaw (Local-First) |
| --- | --- | --- |
| Client data location | Vendor's cloud | Your machines |
| Privilege risk | Vendor access creates risk | Vendor has no access |
| Ethics analysis complexity | Requires due diligence | Simple (no third party) |
| AI privacy | Data sent to API | Local models available |
| Discovery subpoena to vendor | Vendor must comply | No vendor to subpoena |
| Cost | $50-300+/user/month | Free (MIT) |

Frequently Asked Questions

Does using cloud CRM violate attorney-client privilege?

Not per se — most ethics opinions allow cloud storage with appropriate safeguards. But it creates a third-party access risk that requires active management: vendor due diligence, contractual protections, and proportionate security controls.

Is the client's identity privileged?

Generally, a lawyer can't invoke privilege to hide who their clients are (the "matter of common knowledge" exception). But information about the scope and nature of the representation, specific matters, and related communications can be privileged. Law firms typically treat client identity and matter information as confidential regardless of strict privilege analysis.

What if we need remote access for attorneys working from home?

Run DenchClaw on an office server accessible via VPN. Attorneys connect through an encrypted VPN; client data stays on your server and is accessed over encrypted channels. This is the standard architecture for any sensitive law firm data.

How does DenchClaw handle conflicts checking?

Conflicts checking requires searching your complete client and adverse party database. DenchClaw's DuckDB backend supports full-text search across all entries. You can build a conflicts check workflow as a saved query. For large firms with high conflict check volume, integration with a purpose-built conflicts system may be appropriate.

Ready to try DenchClaw? Install in one command: npx denchclaw.


© 2026 DenchHQ · San Francisco, CA