December 25, 2025

How To: Redact PDF Documents Properly and Recover Data from Failed Redactions: A Guide for Lawyers After the DOJ Epstein Files Release “Leak”

December 25, 2025/ The Tech-Savvy Lawyer.Page/ Michael D.J. Eisenberg

Lawyers must redact documents correctly!

The legal world is buzzing this week. The Department of Justice released the Jeffrey Epstein files on December 23, 2025. The New York Times reported on the disaster in their article, https://www.nytimes.com/2025/12/23/us/politics/epstein-files-redactions-doj.html. The DOJ attempted to hide names. They failed. They used improper redaction techniques. Tech-savvy readers simply copied the text from under the black boxes. They pasted it into Word. The names appeared instantly.

This is a nightmare for any attorney. You never want to be the "sender" in this scenario. You also need to know what to do if you are the "receiver." This “How to” guide explains the technology. It also covers the ethics. We will keep it simple.

The Mistake: Why "Black Boxes" Are Not Redactions

Digital documents have layers. Think of a PDF like a sandwich. The text is the meat in the middle. The white background is the bread. When you use a drawing tool to place a black rectangle over a name, you are just adding a topping. You are putting a slice of cheese on top of the meat.

The meat is still there.

The computer still sees the text. It just displays a black shape over it. This is what happened with the DOJ files. They likely used a "highlighter" tool set to black. Or they used a "shape" tool. This hides the visual text. It does not remove the data.

How to Properly Redact Documents

lawyers do you know how to redact documents properly?

You must remove the data. You cannot just hide it. You need to burn the “meat” in the sandwich (you are creating a “hole” in the document). Here is the process for Adobe Acrobat Pro. Most legal PDF software works similarly.

1. Use the Dedicated Redact Tool
Do not use the "Comment" tool. Do not use the "Draw" tool. Look for the tool named "Redact." It is usually in the "Protect" or "Tools" menu.

2. Mark for Redaction
Select the text you want to hide. The tool will outline it in red. This is a warning. It tells you, "I am about to delete this." It has not happened yet. You can still undo it.

3. Apply the Redaction
This is the critical step. You must click "Apply." The software will warn you. It will say this cannot be undone. Confirm it. The software now punches a hole in the digital paper. It fills that hole with black pixels. The text data is gone.

4. Sanitize and Remove Hidden Information
You are not done. Files have metadata. This includes author names. It includes edit history. It includes bookmarks. Acrobat will ask if you want to "Remove Hidden Information." Always say yes. This scrubs the invisible layers.

5. Save as a New File
Save the file with a new name. Use a suffix like "_REDACTED." Keep your original safe. Open the new file. Try to select the black box. Try to search for the hidden word. If you cannot find it, you are safe.

How to Recover Information from Improperly Redacted Files

Sometimes you receive a file. It looks redacted. You suspect it was done poorly. Here is how you can check.

Method 1: The Copy and Paste Trick
This is the easiest method. It works on the DOJ files.

Open the PDF.
Press Ctrl + A (Windows) or Cmd + A (Mac). (Or with your cursor, highlight the document area in question.) This selects all text.
Look at the redacted area. If you see blue highlighting shadow behind the black box, the text is there.
Press Ctrl + C (Copy).
Open Microsoft Word.
Press Ctrl + V (Paste).
Read the text. The black box will likely disappear. The "hidden" words will appear.

Method 2: The Search Trick

Open the PDF.
Press Ctrl + F to open the search bar.
Type a word you think is redacted.
If the viewer jumps to a black box, the text is still there.

Method 3: Adobe "Remove Hidden Info" Check

Open the file in Acrobat Pro.
Go to the "Redact" tool.
Look for "Sanitize Document" or "Remove Hidden Information."
Run the scan.
The report will list "Hidden Text" or "Overlapping Objects." This confirms data is hiding behind the visuals.

The Ethics: ABA Model Rules

Technology is easy. Ethics are hard. What happens when you send a bad file? What happens when you receive one?

For the Sender (The DOJ Scenario)
You have a duty of competence. ABA Model Rule 1.1 and 1.1 Comment 8 require you to understand your tools. You must know how to redact. Failing to use the software correctly is a competence failure.

You also have a duty of confidentiality. ABA Model Rule 1.6 requires you to protect client info. Sending a "masked" PDF instead of a "redacted" one violates this duty. It is a breach. You effectively handed the other side the keys to the safe.

For the Receiver (The Attorney Who Finds the Info)
You received the Epstein files. You copy-pasted. You found the names. Now what?

Lawyers, you have ethical obligations to redact documents competently.

ABA Model Rule 4.4(b) governs this. It addresses "Respect for Rights of Third Persons." It states: “A lawyer who receives a document... and knows or reasonably should know that the document was inadvertently sent shall promptly notify the sender.”

This is the key. Is a failed redaction "inadvertently sent"? Most ethics opinions say yes. The sender meant to hide it. They failed. They did not intend to send you the hidden text.

Do you have to stop reading?
The Model Rules do not explicitly say "stop reading." They only require you to notify the sender. However, many state jurisdictions go further. Some states require you to stop reading immediately. Some require you to delete the file.

The "Metadata" Exception
There is a nuance. ABA Formal Opinion 06-442 discusses metadata. It generally allows lawyers to look for hidden metadata. It views metadata as part of the file. However, "un-redacting" specific text is different. It is clearly privileged or sensitive.

The Bottom Line for the Receiver:

Stop if you realize it is a mistake.
Notify opposing counsel immediately. "I received your production. It appears the redactions are transparent. Please advise."
Do not use it until the issue is resolved. A judge will likely disqualify you if you exploit an obvious error.

Do not be the DOJ. Learn your tools. Sanitize your documents. And if you catch the other side making a mistake, follow the rules. It helps to keep your license safe. ⚖️ 💻

December 24, 2025

🚨BOLO: Last-Minute Procurement Scams Targeting Firms on Christmas Eve🎄

December 24, 2025/ The Tech-Savvy Lawyer.Page/ Michael D.J. Eisenberg

It is Christmas Eve! The pressure to secure last-minute client gifts, finalize year-end office supply orders, or purchase personal items is at its peak. Scammers anticipate this desperation. They are currently flooding social media and search engines with "Out-of-Stock" Purchase Scams designed to exploit your urgency.

Whether you are ordering toner for year-end filings or a rush gift for a partner, the mechanism remains the same. You locate a vendor promising immediate delivery of a hard-to-find item. You purchase it. Minutes later, an email arrives claiming the item is "out of stock" due to holiday volume.

This notification is the trap. It promises an instant refund but requires you to click a link to "confirm" your details. This link does not lead to a payment processor; it leads to a credential-harvesting site. By trying to recoup your funds, you may inadvertently hand over firm credit card data or banking login credentials to a threat actor.

Immediate Risk Mitigation:

Verify the Vendor: If a deal appears for an item sold out everywhere else, it is likely a lure. Stick to established, major retailers today.
Isolate Transactions: Do not mix firm procurement with personal panic buying. Use a dedicated credit card for any new vendor.
Pause Before Clicking: If you receive a refund link, do not click it. Legitimate refunds happen automatically; they never require you to log in again.

Stay safe. Do not let a shipping deadline become a security breach. 🎄🔒

December 22, 2025

MTC: The 2026 Hardware Hike: Why Law Firms Must Budget for the "AI Squeeze" Now!

December 22, 2025/ The Tech-Savvy Lawyer.Page/ Michael D.J. Eisenberg

Lawyers need to be ready for $prices$ in tech to go up next year due to increased AI use!

A perfect storm is brewing in the hardware market. It will hit law firm budgets harder than expected in 2026. Reports from December 2025 confirm that major manufacturers like Dell, Lenovo, and HP are preparing to raise PC and laptop prices by 15% to 20% early next year. The catalyst is a global shortage of DRAM (Dynamic Random Access Memory). This shortage is driven by the insatiable appetite of AI servers.

While recent headlines note that giants like Apple and Samsung have the supply chain power to weather this surge, the average law firm does not. This creates a critical strategic challenge for managing partners and legal administrators.

The timing is unfortunate. Legal professionals are adopting AI tools at a record pace. Tools for eDiscovery, contract analysis, and generative drafting require significant computing power to run smoothly. In 2024, a laptop with 16GB of RAM was standard. Today, running local privacy-focused AI models or heavy eDiscovery platforms makes 32GB the new baseline. 64GB is becoming the standard for power users.

“Don’t just meet today’s AI demands—exceed them. Upgrade to 32GB or 64GB of RAM now, not later. AI adoption in legal practice is accelerating exponentially. The memory you think is “enough” today will be the bottleneck tomorrow. Firms that overspec their hardware now will avoid costly mid-cycle replacements and gain a competitive edge in speed and efficiency.”

— 💡 PRO TIP: Future-Proof Your Firm's Hardware Now

We face a paradox. We need more memory to remain competitive, but that memory is becoming scarce and expensive. The "AI Squeeze" is real. Chipmakers are prioritizing high-profit memory for data center AI over the standard memory used in law firm laptops. This supply shift drives up the bill of materials for every new workstation (low end when you compare them “high-profit memory data centers) you plan to buy.

Update your firm’s tech budget for 2026 by prioritizing ram for your next technology upgrade.

Law firms should act immediately. First, audit your hardware refresh cycles. If you planned to upgrade machines in Q1 or Q2 of 2026, accelerate those purchases to the current quarter. You could save 20% per unit by buying before the price hikes take full effect.

Second, adjust your 2026 technology budget. A flat budget will buy you less power next year. You cannot afford to downgrade specifications. Buying underpowered laptops will frustrate fee earners and throttle the efficiency gains you expect from your AI investments.

Finally, prioritize RAM over storage. Cloud storage is cheap and abundant. Memory is not. When configuring new machines, allocate your budget to 32GB or 64GB (or more) of RAM rather than a larger hard drive.

The hardware market is shifting. The cost of innovation is rising. Smart firms will plan for this reality today rather than paying the premium tomorrow.

December 19, 2025

🧪🎧 TSL Labs Bonus Podcast: Open vs. Closed AI — The Hidden Liability Trap in Your Firm ⚖️🤖

December 19, 2025/ The Tech-Savvy Lawyer.Page/ Michael D.J. Eisenberg

Welcome to TSL Labs Podcast Experiment. 🧪🎧 In this special "Deep Dive" bonus episode, we strip away the hype surrounding Generative AI to expose a critical operational risk hiding in plain sight: the dangerous confusion between "Open" and "Closed" AI systems.

Featuring an engaging discussion between our Google Notebook AI hosts, this episode unpacks the "Swiss Army Knife vs. Scalpel" analogy that every managing partner needs to understand. We explore why the "Green Light" tools you pay for are fundamentally different from the "Red Light" public models your staff might be using—and why treating them the same could trigger an immediate breach of ABA Model Rule 5.3. From the "hidden crisis" of AI embedded in Microsoft 365 to the non-negotiable duty to supervise, this is the essential briefing for protecting client confidentiality in the age of algorithms.

In our conversation, we cover the following:

[00:00] – Introduction: The hidden danger of AI in law firms.
[01:00] – The "AI Gap": Why staff confuse efficiency with confidentiality.
[02:00] – The Green Light Zone: Defining secure, "Closed" AI systems (The Scalpel).
[03:45] – The Red Light Zone: Understanding "Open" Public LLMs (The Swiss Army Knife).
[04:45] – "Feeding the Beast": How public queries actively train the model for everyone else.
[05:45] – The Duty to Supervise: ABA Model Rules 5.3 and 1.1[8] implications.
[07:00] – The Hidden Crisis: AI embedded in ubiquitous tools (Microsoft 365, Adobe, Zoom).
[09:00] – The Training Gap: Why digital natives assume all prompt boxes are safe.
[10:00] – Actionable Solutions: Auditing tools and the "Elevator vs. Private Room" analogy.
[12:00] – Hallucinations: Vendor liability vs. Professional negligence.
[14:00] – Conclusion: The final provocative thought on accidental breaches.

RESOURCES

Mentioned in the episode

ABA Model Rule 5.3 (Responsibilities Regarding Nonlawyer Assistance): https://www.americanbar.org/groups/professional_responsibility/publications/model_rules_of_professional_conduct/rule_5_3_responsibilities_regarding_nonlawyer_assistant/
ABA Model Rule 1.1, Comment 8 (Technology Competence): https://www.americanbar.org/groups/professional_responsibility/publications/model_rules_of_professional_conduct/rule_1_1_competence/ and https://www.americanbar.org/groups/professional_responsibility/publications/model_rules_of_professional_conduct/rule_1_1_competence/comment_on_rule_1_1/#:~:text=of%20these%20Rules.-,Maintaining%20Competence,all%20continuing%20legal%20education%20requirements%20to%20which%20the%20lawyer%20is%20subject.,-Back%20to%20Rule

Software & Cloud Services mentioned in the conversation

Lexis+ AI (LexisNexis): https://www.lexisnexis.com/en-us/products/lexis-plus-ai.page
Protégé (LegalMation/LexisNexis context): https://www.lexisnexis.com/en-us/products/lexis-plus-ai.page
Westlaw Precision (Thomson Reuters): https://legal.thomsonreuters.com/en/products/westlaw-precision
Co-Counsel (Casetext/Thomson Reuters): https://casetext.com/co-counsel
Harvey AI: https://www.harvey.ai/
vLex Vincent AI: https://vlex.com/vincent-ai
ChatGPT (OpenAI): https://chat.openai.com/
Perplexity AI: https://www.perplexity.ai/
Claude (Anthropic): https://claude.ai/
Microsoft 365 Copilot (Teams/Word): https://www.microsoft.com/en-us/microsoft-365/enterprise/copilot
Adobe Creative Cloud (AI features): https://www.adobe.com/ai/overview.html
Zoom AI Companion: https://www.zoom.us/aihttps://www.zoom.com/en/products/ai-assistant/

December 18, 2025

MTC (Bonus): National Court Technology Rules: Finding Balance Between Guidance and Flexibility ⚖️

December 18, 2025/ The Tech-Savvy Lawyer.Page/ Michael D.J. Eisenberg

Standardizing Tech Guidelines in the Legal System

Lawyers and their staff needs to know the standard and local rules of AI USe in the courtroom - their license could depend on it.

The legal profession stands at a critical juncture where technological capability has far outpaced judicial guidance. Nicole Black's recent commentary on the fragmented approach to technology regulation in our courts identifies a genuine problem—one that demands serious consideration from both proponents of modernization and cautious skeptics alike.

The core tension is understandable. Courts face legitimate concerns about technology misuse. The LinkedIn juror research incident in Judge Orrick's courtroom illustrates real risks: a consultant unknowingly violated a standing order, resulting in a $10,000 sanction despite the attorney's good-faith disclosure and remedial efforts. These aren't theoretical concerns—they reflect actual ethical boundaries that protect litigants and preserve judicial integrity. Yet the response to these concerns has created its own problems.

The current patchwork system places practicing attorneys in an impossible position. A lawyer handling cases across multiple federal districts cannot reasonably track the varying restrictions on artificial intelligence disclosure, social media evidence protocols, and digital research methodologies. When the safe harbor is simply avoiding technology altogether, the profession loses genuine opportunities to enhance accuracy and efficiency. Generative AI's citation hallucinations justify judicial scrutiny, but the ad hoc response by individual judges—ranging from simple guidance to outright bans—creates unpredictability that chills responsible innovation.

SHould there be an international standard for ai use in the courtroom

There are legitimate reasons to resist uniform national rules. Local courts understand their communities and case management needs better than distant regulatory bodies. A one-size-fits-all approach might impose burdensome requirements on rural jurisdictions with fewer tech-savvy practitioners. Furthermore, rapid technological evolution could render national rules obsolete within months, whereas individual judges retain flexibility to respond quickly to emerging problems.

Conversely, the current decentralized approach creates serious friction. The 2006 amendments to Federal Rules of Civil Procedure for electronically stored information succeeded partly because they established predictability across jurisdictions. Lawyers knew what preservation obligations applied regardless of venue. That uniformity enabled the profession to invest in training, software, and processes. Today's lawyers lack that certainty. Practitioners must maintain contact lists tracking individual judge orders, and smaller firms simply cannot sustain this administrative burden.

The answer likely lies between extremes. Rather than comprehensive national legislation, the profession would benefit from model standards developed collaboratively by the Federal Judicial Conference, state supreme courts, and bar associations. These guidelines could allow reasonable judicial discretion while establishing baseline expectations—defining when AI disclosure is mandatory, clarifying which social media research constitutes impermissible contact, and specifying preservation protocols that protect evidence without paralyzing litigation.

Such an approach acknowledges both legitimate judicial concerns and legitimate professional needs. It recognizes that judges require authority to protect courtroom procedures while recognizing that lawyers require predictability to serve clients effectively.

I basically agree with Nicole: The question is not whether courts should govern technology use. They must. The question is whether they govern wisely—with sufficient uniformity to enable compliance, sufficient flexibility to address local concerns, and sufficient clarity to encourage rather than discourage responsible innovation.

December 17, 2025

📖 WORD OF THE WEEK (WoW): Zero Trust Architecture ⚖️🔐

December 17, 2025/ The Tech-Savvy Lawyer.Page/ Michael D.J. Eisenberg

Zero Trust Architecture and ABA Model Rules Compliance 🛡️

Lawyers need to "never trust, always verify" their network activity!

Zero Trust Architecture represents a fundamental shift in how law firms approach cybersecurity and fulfill ethical obligations. Rather than assuming that users and devices within a firm's network are trustworthy by default, this security model operates on the principle of "never trust, always verify." For legal professionals managing sensitive client information, implementing this framework has become essential to protecting confidentiality while maintaining compliance with ABA Model Rules.

The traditional security approach created a protective perimeter around a firm's network, trusting anyone inside that boundary. This model no longer reflects modern legal practice. Remote work, cloud-based case management systems, and mobile device usage mean that your firm's data exists across multiple locations and devices. Zero Trust abandons the perimeter-based approach entirely.

ABA Model Rule 1.6(c) requires lawyers to "make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client." Zero Trust Architecture directly fulfills this mandate by requiring continuous verification of every user and device accessing firm resources, regardless of location. This approach ensures compliance with the confidentiality duty that forms the foundation of legal practice.

Core Components Supporting Your Ethical Obligations

Zero Trust Architecture operates through three interconnected principles aligned with ABA requirements.

legal professionals do you know the core components of modern cyber security?

Continuous verification means that authentication does not happen once at login. Instead, systems continuously validate user identity, device health, and access context in real time.
Least privilege access restricts each user to only the data and systems necessary for their specific role. An associate working on discovery does not need access to billing systems, and a paralegal in real estate does not need access to litigation files.
Micro-segmentation divides your network into smaller, secure zones. This prevents lateral movement, which means that if a bad actor compromises one device or user account, they cannot automatically access all firm systems.

ABA Model Rule 1.1, Comment 8 requires that lawyers maintain competence, including competence in "the benefits and risks associated with relevant technology." Understanding Zero Trust Architecture demonstrates that your firm maintains technological competence in cybersecurity matters. Additional critical components include multi-factor authentication, which requires users to verify their identity through multiple methods before accessing systems. Device authentication ensures that only approved and properly configured devices can connect to firm resources. End-to-end encryption protects data both at rest and in transit.

ABA Model Rule 1.4 requires lawyers to keep clients "reasonably informed about significant developments relating to the representation." Zero Trust Architecture supports this duty by protecting client information and enabling prompt client notification if security incidents occur.

ABA Model Rules 5.1 and 5.3 require supervisory lawyers and managers to ensure that subordinate lawyers and non-lawyer staff comply with professional obligations. Implementing Zero Trust creates the framework for effective supervision of cybersecurity practices across your entire firm.

Addressing Safekeeping Obligations

ABA Model Rule 1.15 requires lawyers to "appropriately safeguard" property of clients, including electronic information. Zero Trust Architecture provides the security infrastructure necessary to meet this safekeeping obligation. This rule mandates maintaining complete records of client property and preserving those records. Zero Trust's encryption and access controls ensure that stored records remain protected from unauthorized access.

Implementation: A Phased Approach 📋

Implementing Zero Trust need not happen all at once. Begin by assessing your current security infrastructure and identifying sensitive data flows. Establish identity and access management systems to control who accesses what. Deploy multi-factor authentication across all applications. Then gradually expand micro-segmentation and monitoring capabilities as your systems mature. Document your efforts to demonstrate compliance with ABA Model Rule 1.6(c)'s requirement for "reasonable efforts."

Final Thoughts

Zero Trust Architecture transforms your firm's security posture from reactive protection to proactive verification while ensuring compliance with essential ABA Model Rules. For legal practices handling confidential client information, this security framework is not optional. It protects your clients, your firm's reputation, and your ability to practice law with integrity.

December 15, 2025

MTC: The Hidden Danger in Your Firm: Why We Must Teach the Difference Between “Open” and “Closed” AI!

December 15, 2025/ The Tech-Savvy Lawyer.Page/ Michael D.J. Eisenberg

Does your staff understand the difference between “free” and “paid” aI? Your license could depend on it!

I sit on an advisory board for a school that trains paralegals. We meet to discuss curriculum. We talk about the future of legal support. In a recent meeting, a presentation by a private legal research company caught my attention. It stopped me cold. The topic was Artificial Intelligence. The focus was on use and efficiency. But something critical was missing.

The lesson did not distinguish between public-facing and private tools. It treated AI as a monolith. This is a dangerous oversimplification. It is a liability waiting to happen.

We are in a new era of legal technology. It is exciting. It is also perilous. The peril comes from confusion. Specifically, the confusion between paid, closed-system legal research tools and public-facing generative AI.

Your paralegals, law clerks, and staff use these tools. They use them to draft emails. They use them to summarize depositions. Do they know where that data goes? Do you?

The Two Worlds of AI

There are two distinct worlds of AI in our profession.

First, there is the world of "Closed" AI. These are the tools we pay for - i.e., Lexis+/Protege, Westlaw Precision, Co-Counsel, Harvey, vLex Vincent, etc. These platforms are built for lawyers. They are walled gardens. You pay a premium for them. (Always check the terms and conditions of your providers.) That premium buys you more than just access. It buys you privacy. It buys you security. When you upload a case file to Westlaw, it stays there. The AI analyzes it. It does not learn from it for the public. It does not share your client’s secrets with the world. The data remains yours. The confidentiality is baked in.

Then, there is the world of "Open" or "Public" AI. This is ChatGPT. This is Perplexity. This is Claude. These tools are miraculous. But they are also voracious learners.

When you type a query into the free version of ChatGPT, you are not just asking a question. You are training the model. You are feeding the beast. If a paralegal types, "Draft a motion to dismiss for John Doe, who is accused of embezzlement at [Specific Company]," that information leaves your firm. It enters a public dataset. It is no longer confidential.

This is the distinction that was missing from the lesson plan. It is the distinction that could cost you your license.

The Duty to Supervise

Do you and your staff know when you can and can’t use free AI in your legal work?

You might be thinking, "I don't use ChatGPT for client work, so I'm safe." You are wrong.

You are not the only one doing the work. Your staff is doing the work. Your paralegals are doing the work.

Under the ABA Model Rules of Professional Conduct, you are responsible for them. Look at Rule 5.3. It covers "Responsibilities Regarding Nonlawyer Assistance." It is unambiguous. You must make reasonable efforts to ensure your staff's conduct is compatible with your professional obligations.

If your paralegal breaches confidentiality using AI, it is your breach. If your associate hallucinates a case citation using a public LLM, it is your hallucination.

This connects directly to Rule 1.1, Comment 8. This represents the duty of technology competence. You cannot supervise what you do not understand. You must understand the risks associated with relevant technology. Today, that means understanding how Large Language Models (LLMs) handle data.

The "Hidden AI" Problem

I have discussed this on The Tech-Savvy Lawyer.Page Podcast. We call it the "Hidden AI" crisis. AI is creeping into tools we use every day. It is in Adobe. It is in Zoom. It is in Microsoft 365.

Public-facing AI is useful. I use it. I love it for marketing. I use it for brainstorming generic topics. I use it to clean up non-confidential text. But I never trust it with a client's name. I never trust it with a very specific fact pattern.

A paid legal research tool is different. It is a scalpel. It is precise. It is sterile. A public chatbot is a Swiss Army knife found on the sidewalk. It might work. But you don't know where it's been.

The Training Gap

The advisory board meeting revealed a gap. Schools are teaching students how to use AI. They are teaching prompts. They are teaching speed. They are not emphasizing the where.

The "where" matters. Where does the data go?

We must close this gap in our own firms. You cannot assume your staff knows the difference. To a digital native, a text box is a text box. They see a prompt window in Westlaw. They see a prompt window in ChatGPT. They look the same. They act the same.

They are not the same.

One protects you. The other exposes you.

A Practical Solution

I have written about this in my blog posts regarding AI ethics. The solution is not to ban AI. That is impossible. It is also foolish. AI is a competitive advantage.

* Always check the terms of use in your agreements with private platforms to determine if your client confidential data and PII are protected.

The solution is policies and training.

Audit Your Tools. Know what you have. Do you have an enterprise license for ChatGPT? If so, your data might be private. If not, assume it is public.
Train on the "Why." Don't just say "No." Explain the mechanism. Explain that public AI learns from inputs. Use the analogy of a confidential conversation in a crowded elevator versus a private conference room.
Define "Open" vs. "Closed." Create a visual guide. List your "Green Light" tools (Westlaw, Lexis, etc.). List your "Red Light" tools for client data (Free ChatGPT, personal Gmail, etc.).
Supervise Output. Review the work. AI hallucinates. Even paid tools can make mistakes. Public tools make up cases entirely. We have all seen the headlines. Don't be the next headline.

The Expert Advantage

The line between “free” and “paid” ai could be a matter of keeping your bar license!

On The Tech-Savvy Lawyer.Page, I often say that technology should make us better lawyers, not lazier ones.

Using Lexis+/Protege, Westlaw Precision, Co-Counsel, Harvey, vLex Vincent, etc. is about leveraging a curated, verified database. It is about relying on authority. Using a public LLM for legal research is about rolling the dice.

Your license is hard-earned. Your reputation is priceless. Do not risk them on a free chatbot.

The lesson from the advisory board was clear. The schools are trying to keep up. But the technology moves faster than the curriculum. It is up to us. We are the supervisors. We are the gatekeepers.

Take time this week. Gather your team. Ask them what tools they use. You might be surprised. Then, teach them the difference. Show them the risks.

Be the tech-savvy lawyer your clients deserve. Be the supervisor the Rules require.

The tools are here to stay. Let’s use them effectively. Let’s use them ethically. Let’s use them safely.

MTC

December 12, 2025

TSL Labs 🧪Bonus: 🎙️ From Cyber Compliance to Cyber Dominance: What VA's AI Revolution Means for Government Cybersecurity, Legal Ethics, and ABA Model Rule Compliance!

December 12, 2025/ The Tech-Savvy Lawyer.Page/ Michael D.J. Eisenberg

In this TSL Labs bonus episode, we examine this week’s editorial on how the Department of Veterans Affairs is leading a historic transformation from traditional compliance frameworks to a dynamic, AI-driven approach called "cyber dominance." This conversation unpacks what this seismic shift means for legal professionals across all practice areas—from procurement and contract law to privacy, FOIA, and litigation. Whether you're advising government agencies, representing contractors, or handling cases where data security matters, this discussion provides essential insights into how continuous monitoring, zero trust architecture, and AI-driven threat detection are redefining professional competence under ABA Model Rule 1.1. 💻⚖️🤖

Join our AI hosts and me as we discuss the following three questions and more!

How has federal cybersecurity evolved from the compliance era to the cyber dominance paradigm? 🔒
What are the three technical pillars—continuous monitoring, zero trust architecture, and AI-driven detection—and how do they interconnect? 🛡️
What professional liability and ethical obligations do lawyers now face under ABA Model Rule 1.1 regarding technology competence? ⚖️

In our conversation, we cover the following:

[00:00:00] - Introduction: TSL Labs Bonus Podcast on VA's AI Revolution 🎯
[00:01:00] - Introduction to Federal Cybersecurity: The End of the Compliance Era 📋
[00:02:00] - Legal Implications and Professional Liability Under ABA Model Rules ⚖️
[00:03:00] - From Compliance to Continuous Monitoring: Understanding the Static Security Model 🔄
[00:04:00] - The False Comfort of Compliance-Only Approaches 🚨
[00:05:00] - The Shift to Cyber Dominance: Three Integrated Technical Pillars 💪
[00:06:00] - Zero Trust Architecture (ZTA) Explained: Verify Everything, Trust Nothing 🔐
[00:07:00] - AI-Driven Detection and Legal Challenges: Professional Competence Under Model Rule 1.1 🤖
[00:08:00] - The New Legal Questions: Real-Time Risk vs. Static Compliance 📊
[00:09:00] - Evolving Compliance: From Paper Checks to Dynamic Evidence 📈
[00:10:00] - Cybersecurity as Operational Discipline: DevSecOps and Security by Design 🔧
[00:11:00] - Litigation Risks: Discovery, Red Teaming, and Continuous Monitoring Data ⚠️
[00:12:00] - Cyber Governance with AI: Algorithmic Bias and Explainability 🧠
[00:13:00] - Synthesis and Future Outlook: Law Must Lead, Not Chase Technology 🚀
[00:14:00] - The Ultimate Question: Is Your Advice Ready for Real-Time Risk Management? 💡
[00:15:00] - Conclusion and Resources 📚

Resources

Mentioned in the Episode

ABA Model Rule 1.1 - Competent Representation (including technology competence requirement) - https://www.americanbar.org/groups/professional_responsibility/publications/model_rules_of_professional_conduct/rule_1_1_competence/
Department of Veterans Affairs (VA) Cybersecurity Initiative - https://www.va.gov/oit/cybersecurity/
DevSecOps Pipelines - Security integration in software development - https://www.devsecops.org/
FedRAMP (Federal Risk and Authorization Management Program) - https://www.fedramp.gov/
FISMA (Federal Information Security Management Act) - https://www.cisa.gov/topics/cyber-threats-and-advisories/federal-information-security-modernization-act
Google Notebook AI - AI discussion generation tool - https://notebooklm.google.com/
HIPAA (Health Insurance Portability and Accountability Act) - https://www.hhs.gov/hipaa/index.html
NIST Cybersecurity Framework - https://www.nist.gov/cyberframework
Red Teaming - Ethical hacking and security testing methodology - https://www.cisa.gov/red-team-assessments
Zero Trust Architecture (ZTA) - Federal mandate for security verification - https://www.cisa.gov/zero-trust

Software & Cloud Services Mentioned in the Conversation

AI-Driven Detection Systems - Automated threat detection and response platforms
Automated Compliance Platforms - Dynamic evidence generation systems
Continuous Monitoring Systems - Real-time security assessment platforms
DevSecOps Tools - Automated security testing in software development pipelines
Firewalls - Network security hardware devices
Google Notebook AI - https://notebooklm.google.com/
Penetration Testing Software - Security vulnerability assessment tools
Zero Trust Architecture (ZTA) Solutions - Identity and access verification systems

December 10, 2025

📖 "Word of the Week! 📧 "Inbox Zero" - Reclaim Your Productivity and Mental Clarity!

December 10, 2025/ The Tech-Savvy Lawyer.Page/ Michael D.J. Eisenberg

Achieving “inbox zero” can help you have some sence of "Zen” at work!

Inbox Zero represents a systematic approach to email management that transforms overwhelmed inboxes into streamlined productivity systems. Rather than obsessing over an entirely empty inbox, Inbox Zero focuses on processing each message decisively so that emails serve your practice—not the reverse.

The average office worker receives approximately 121 emails daily. For legal professionals managing client communications, case updates, and firm operations, unmanaged email creates more than mere clutter. It generates decision fatigue, interrupts focused work, and creates persistent mental stress. Inbox Zero addresses this challenge through a structured methodology.

The Five Actions Framework forms the core of Inbox Zero practice. When you open an email, you must immediately decide whether to delete it, delegate it to a colleague, respond to it, defer it for later action, or complete the task it describes. This "touch it once" approach prevents emails from cycling through your inbox repeatedly, wasting your mental energy and professional time.

For attorneys, the benefits extend beyond organizational tidiness. Studies indicate that constant email interruptions reduce productivity by up to 40%. By implementing scheduled email times—typically two to four designated periods throughout your workday—you can reclaim significant focus time for substantive legal work. Many successful practitioners process emails after lunch and at the end of the business day, aligning email management with natural energy dips.

Implementation requires intentional strategy, not perfection. Begin by setting up automated filters and labels that sort incoming messages by category or client matter. Disable email notifications outside your designated checking times - we are guilty of FOMO (“Fear of Missing Out”)! Meanwhile, a unified inbox connected to your case management system, when available, consolidates related communications and prevents critical messages from scattering across multiple platforms.

The "two-minute rule" proves particularly valuable in legal practice. If you can respond to an email or complete its associated task within two minutes, address it immediately during your processing window. This approach prevents small matters from accumulating into overwhelming backlogs. Emails requiring substantive legal analysis, research, or client strategy should be tagged, categorized to a specific matter, and scheduled for dedicated work blocks.

The chaos 🤪 of e-mail can reduce your productivity significantly! 🤑

Notification Zero represents an evolution of traditional Inbox Zero methodology. Modern legal professionals manage communications across email, case management platforms, messaging applications, and task management tools. Achieving mental clarity requires managing notifications across all these channels, not just email alone. Implement Do Not Disturb modes during deep work sessions to protect your concentration.

Research demonstrates that attorneys adopting these practices report significant stress reduction and improved time management. Team-wide implementation proves even more effective—establishing no-email hours for collaborative deep work and using shared calendars to reduce scheduling back-and-forth can decrease email volume by 20 to 30%.

Achieving Inbox Zero requires commitment rather than complexity. Start with one or two strategic changes: batch-checking emails, blocking calendar time for email processing, silencing notifications between designated times, or integrating automation tools. The goal transcends a pristine inbox. It centers on regaining control over your time, protecting your mental resources, and building a practice where email management supports rather than sabotages your professional success.

December 09, 2025

🎙️Ep. 126: AI and Access to Justice With Pearl.com Associate General Counsel Nick Tiger

December 09, 2025/ The Tech-Savvy Lawyer.Page/ Michael D.J. Eisenberg

Our next guest is Nick Tiger, Associate General Counsel at Pearl.com, Nick shares insights on integrating AI into legal practice. Pearl.com champions AI and human expertise for professional services. He outlines practical uses such as market research, content creation, intake automation, and improved billing efficiency, while stressing the need to avoid liability through robust human oversight.

Nick is a legal leader at Pearl.com, partnering on product design, technology, and consumer-protection compliance strategy. He previously served as Head of Product Legal at EarnIn, an earned-wage access pioneer, building practical guidance for responsible feature launches, and as Senior Counsel at Capital One, supporting consumer products and regulatory matters. Nick holds a J.D. from the University of Missouri–Kansas City, lives in Richmond, Virginia, and is especially interested in using technology to expand rural community access to justice.

During the conversation, Nick highlights emerging tools, such as conversation wizards and expert-matching systems, that enhance communication and case preparation. He also explains Pearl AI's unique model, which blends chatbot capabilities with human expert verification to ensure accuracy in high-stakes or subjective matters.

Nick encourages lawyers to adopt human-in-the-loop protocols and consider joining Pearl's expert network to support accessible, reliable legal services.

Join Nick and me as we discuss the following three questions and more!

What are the top three most impactful ways lawyers can immediately implement AI technology in their practices while avoiding the liability pitfalls that have led to sanctions in recent high-profile cases?
Beyond legal research and document review, what are the top three underutilized or emerging AI applications that could transform how lawyers deliver value to clients, and how should firms evaluate which technologies to adopt?
What are the top three criteria Pearl uses to determine when human expert verification is essential versus when AI alone is sufficient? How can lawyers apply this framework to develop their own human-in-the-loop protocols for AI-assisted legal work, and how is Perl different from its competitors?

In our conversation, we cover the following:

[00:56] Nick's Tech Setup

[07:28] Implementing AI in Legal Practices

[17:07] Emerging AI Applications in Legal Services

[26:06] Pearl AI's Unique Approach to AI and Legal Services

[31:42] Developing Human-in-the-Loop Protocols

[34:34] Pearl AI's Advantages Over Competitors

[36:33] Becoming an Expert on Pearl AI

Resources:

Connect with Nick:

Nick's LinkedIn: linkedin.com/in/nicktigerjd

Pearl.com Website: pearl.com

Pearl.com Expert Application Portal: era.justanswer.com/

Pearl.com LinkedIn: linkedin.com/company/pearl-com

Pearl.com X: x.com/Pearldotcom

ABA Resources:

ABA Formal Opinion 512: https://www.americanbar.org/content/dam/aba/administrative/professional_responsibility/ethics-opinions/aba-formal-opinion-512.pdf

Hardware mentioned in the conversation:

Anker Backup Battery / Power Bank: anker.com/collections/power-banks

Software & Cloud Services mentioned in the conversation:

AT&T: att.com/
Pearl.com: pearl.com/
Sprint: thesprintgroup.com/
Timely: timely.com/
Verizon: verizon.com/

Blog