LawyerAILawyerAIIndependent Reviews
  • Search
  • Categories
  • Tag
  • Collection
  • Blog
  • Compare
  • Glossary
  • Solutions
  • Pricing
  • Submit
LawyerAILawyerAI
  1. Home
  2. ›
  3. Glossary
  4. ›
  5. Third-Party Risk (Legal AI)

Third-Party Risk (Legal AI)

The risk that AI vendors and their subprocessors create to a law firm's data security, regulatory compliance, and professional responsibility obligations through data handling practices, subprocessor chains, vendor financial instability, or acquisition by new ownership.

Last reviewed: 2026/05/25

Definition

Why It Matters for Lawyers

How AI Tools Handle It

Frequently Asked Questions

What third-party risks do legal AI vendors create?
Legal AI vendors create six categories of third-party risk for law firms: (1) Training data risk — the vendor may train or fine-tune models on client documents, embedding client information in the model. (2) Subprocessor risk — the vendor relies on infrastructure providers and inference API providers who have their own access to data. (3) Acquisition risk — the vendor may be acquired by a company with different data handling practices, and acquisition changes the effective owner of the firm's data. (4) Data residency risk — data may be stored in jurisdictions with different legal protections than expected. (5) Breach risk — a vendor breach exposes client data that the attorney's privilege and confidentiality obligations required to be protected. (6) Continuity risk — vendor insolvency or discontinuation leaves client data in an uncertain state.
How do I assess an AI vendor's subprocessors?
Start by requesting the vendor's current subprocessor list, which GDPR-compliant vendors are required to maintain and make available. Review each subprocessor against three criteria: (1) Identity and function — who is this company and what does it do with the data? Common subprocessors include cloud infrastructure providers (AWS, Azure, GCP), inference API providers (OpenAI, Anthropic, Cohere), and analytics tools. (2) Data access — does this subprocessor have access to client content, or only to metadata or operational data? (3) Geographic location — is this subprocessor subject to data protection laws adequate for the client data being processed? GDPR Article 28 requires that subprocessors be bound by the same data protection obligations as the primary processor. Ask vendors how they enforce subprocessor obligations contractually and through audits.
What contractual protections reduce third-party AI risk?
Six contractual protections significantly reduce third-party AI risk: (1) No-training clause — explicit prohibition on using customer data to train or fine-tune any AI model, without exception. (2) Subprocessor approval rights — the right to be notified of and, ideally, to approve new subprocessors before they are engaged. (3) Data deletion on termination — a firm timeline for deletion of all customer data (including from subprocessors) following contract termination, with certification. (4) Change of control provisions — the right to terminate the contract without penalty if the vendor is acquired by a specified category of acquirer. (5) Audit rights — the right to request SOC 2 reports or to conduct security assessments. (6) Breach notification — specific breach notification timelines, typically 48-72 hours for breaches affecting client data.

Related Concepts

Security

Data Processing Agreement (DPA)

A contract required by GDPR between a data controller and processor, governing how personal data may be handled, secured, and returned or deleted.

Security

SOC 2 Type II Compliance

An independent CPA audit confirming a vendor's security controls operated effectively over 6–12 months against AICPA Trust Service Criteria.

Security

Zero Data Retention (ZDR)

An AI vendor commitment that customer inputs and outputs are not stored beyond the immediate processing session — the strongest available privacy assurance for sensitive legal queries.

Security

GDPR Compliance (AI-Assisted)

Using AI tools to identify, manage, and document compliance obligations under the EU General Data Protection Regulation across organizational data practices.

Related Tools

  • Onit

    Enterprise legal management platform for in-house teams — matter management, e-billing, legal holds, and workflow automation.

  • Mitratech

    Enterprise legal and compliance management platform serving Fortune 500 legal departments and compliance teams.

  • NAVEX Global

    Ethics and compliance management platform covering hotline reporting, policy management, and third-party risk.

Last reviewed: 2026/05/25. Definitions are written by the LawyerAI Editorial team. We do not accept affiliate commissions; Featured placement is clearly labeled and does not influence editorial content.

← All glossary terms
LawyerAILawyerAI

Independent Reviews

The independent directory of AI tools for lawyers — reviewed by methodology, not by ad budget.

X (Twitter)
Tools
  • Search
  • Categories
  • Tag
  • Collection
Resources
  • Blog
  • Compare
  • Glossary
  • Solutions
  • Pricing
  • Submit
  • Suggest a Tool
  • Newsletter
Company
  • About Us
  • Studio
Legal
  • Privacy Policy
  • Terms of Service
  • Cookie Policy
  • Refund Policy
  • Editorial Independence
  • Sitemap
Editorially independent. Methodology open and versioned.
© 2026LawyerAI Editorial

Third-party risk, in the legal AI context, is the category of risk that law firms and legal departments accept when they engage AI tool vendors — and, through those vendors, the vendors' own subprocessors and technology partners. Unlike direct operational risks that a firm controls internally, third-party risks arise from decisions and events at organizations the firm does not control: the AI vendor, the cloud infrastructure provider the vendor uses, the inference API provider the vendor's model runs on, and any other company in the data processing chain.

For law firms, third-party AI risk is particularly consequential because the data being processed by AI tools is client data — information protected by attorney-client privilege, subject to confidentiality obligations under ABA Model Rule 1.6, and often covered by additional regulatory protections (GDPR, HIPAA, CCPA). A third-party breach or data misuse that would be a business problem for other enterprises is a professional responsibility crisis for a law firm.

The third-party risk chain in a typical legal AI deployment runs: law firm → AI platform vendor → cloud infrastructure (AWS, Azure, or GCP) → AI model provider (if the vendor uses third-party model APIs) → analytics subprocessors → other subprocessors. Each link in this chain represents a party with some form of access to client data, and each link represents a potential failure point. A GDPR-compliant vendor with an inadequately governed subprocessor remains the law firm's regulatory responsibility — the DPA chain must extend all the way down.

The legal profession's fundamental obligation to protect client confidentiality makes third-party risk management a professional responsibility obligation, not merely a business risk management function. ABA Model Rule 1.6(c) specifically addresses the duty to make "reasonable efforts" to prevent unauthorized disclosure of client information — and commentary to the rule indicates that this obligation extends to third-party service providers.

The bar is not hypothetical about this. Multiple state bar ethics opinions specifically address the obligation to conduct due diligence on cloud service providers and AI tool vendors before entrusting client data to them. The California State Bar's ethics opinions on cloud computing and legal AI have been particularly influential, establishing a framework that attorneys must: understand how the vendor handles data, verify that adequate security measures are in place, ensure that the vendor commits to confidentiality, and monitor vendor practices over time.

Acquisition risk has become a live concern in the legal AI market. Casetext, a widely used legal AI platform, was acquired by Thomson Reuters in 2023. Evisort, a contract AI platform, was acquired by Workday in 2023. Kira Systems was acquired by Litera. Each acquisition changes the effective owner of client data that law firms had placed in these platforms — and potentially changes the data handling practices, jurisdictions of data storage, and commercial incentives that govern how that data is used. Firms that have no contractual change-of-control protections in their vendor agreements may have limited recourse when a vendor's new ownership brings materially different data practices.

How It Works

Third-party risk management for legal AI follows a structured process spanning the vendor relationship lifecycle.

Pre-engagement due diligence is the primary control point. Before executing a contract with an AI vendor, law firms should conduct a structured risk assessment covering: the vendor's data handling practices (training data policy, data residency, subprocessor list), security posture (SOC 2 Type II report, ISO 27001 certification, penetration test results), financial stability (relevant for smaller vendors where business continuity risk is higher), and contractual protections offered in the DPA. This due diligence should be documented.

Contractual risk allocation translates the due diligence findings into contractual terms. The data processing agreement is the primary contractual vehicle for third-party risk allocation. Key provisions include: a no-training clause, subprocessor notification and approval rights, data deletion obligations on termination, breach notification timelines, audit rights, and change-of-control termination rights.

Ongoing monitoring extends risk management through the vendor relationship lifecycle. Vendor practices change — a vendor that did not train on customer data in 2023 may revise that policy in 2025. Subprocessor lists change. Security certifications expire and may not be renewed. Vendors get acquired. Continuous third-party risk monitoring — whether conducted internally or through a platform like Onit or Navex Global — tracks these changes and triggers re-evaluation when significant changes occur.

Incident response integration ensures that when a third-party vendor suffers a breach or makes a material data handling change, the law firm has a pre-planned response: notifying affected clients, assessing the impact on privilege and confidentiality, coordinating with the vendor, and documenting the firm's response as evidence of reasonable protective measures.

Key Considerations for Law Firms

The subprocessor list is the risk map. Most law firms sign DPAs with AI vendors without reading the subprocessor lists that are typically appended to or linked from those DPAs. The subprocessor list reveals the actual data processing chain — including which inference API providers have access to client document content, which cloud regions data is stored in, and which third-party analytics tools receive operational data. Reading the subprocessor list is fundamental to understanding the actual third-party risk exposure.

Inference API providers deserve particular scrutiny. Many legal AI platforms do not run their own AI models — they use third-party inference APIs (calling OpenAI's GPT-4, Anthropic's Claude, or similar models via API). When a law firm's client documents are sent to the primary AI vendor, they may then be passed to the inference API provider's servers for processing. The inference provider's data handling policies — including whether they log inputs and outputs, how long they retain request data, and whether they use API requests for training — become part of the firm's risk profile.

Acquisition risk requires contractual planning. The legal AI market has seen significant consolidation and will likely see more. Firms should include change-of-control provisions in their AI vendor agreements that give the firm the right to terminate without penalty if the vendor is acquired by a specified list of companies (such as litigation adversaries, opposing law firms, or companies with materially different data practices). Without this provision, a firm may be bound by a vendor agreement with an owner they would never have chosen.

Small vendors carry concentration risk. A small AI vendor that provides a unique and highly integrated service creates concentration risk: if the vendor becomes insolvent, is acquired in a distress sale, or simply shuts down, the firm loses the service suddenly and may have difficulty retrieving its data. Firms should assess vendor financial stability as part of third-party risk evaluation, particularly for vendors on whom they become heavily operationally dependent.

Limitations and Risks

Due diligence is inherently backward-looking. Third-party risk due diligence evaluates a vendor's current practices. It cannot guarantee how the vendor will behave in the future. A vendor that passes due diligence today may be acquired next year, revise its training data policy next quarter, or suffer a breach next month. Due diligence reduces but does not eliminate third-party risk.

Contractual protections require enforcement. A DPA that prohibits training on customer data is only as effective as the firm's ability to verify compliance and enforce the prohibition. Most law firms lack the technical capacity to audit an AI vendor's model training practices independently. Contractual protections should be combined with vendor representations, certifications (SOC 2), and audit rights rather than treated as self-enforcing.

Small firms may have limited negotiating leverage. The most protective contractual provisions — custom no-training clauses, change-of-control rights, audit rights — are most readily negotiated by large law firms with significant contract value. Small firms using AI tools through self-service subscription arrangements may have no ability to negotiate beyond the vendor's standard terms. For these firms, vendor selection based on vendors who offer strong standard terms is the primary risk mitigation tool.