For Saudi audit, law & professional firms
Can a Saudi law firm use AI on client matters without breaching confidentiality?
Yes — but only if the firm controls where matter content actually goes. Feeding client files, pleadings, or deal documents into public AI tools sends that data to third-party servers outside the firm's control, which sits uneasily with a lawyer's professional secrecy duties and PDPL. The safer path is automatic classification: keep sensitive matter content in-house, and allow general drafting or research on approved cloud AI under firm policy.
Why this question lands harder for a law firm than most businesses
A matter file is often the single most sensitive category of information a business ever creates about itself: draft deal terms before signing, dispute strategy before it is disclosed, IP filings before a priority date, and personal or family matters a client never intended anyone outside the file to see. A lawyer's duty of confidentiality toward client matters is not an internal policy nicety — it is the basis on which a client hands over information they would not give anyone else. That is why the question of using AI on a matter feels heavier for a law firm than for a marketing team drafting a social post, and it deserves a more careful answer than a simple yes or no.
What AI is good at in legal work — and where it still needs a lawyer
Used well, AI genuinely speeds up parts of legal work:
- Summarizing long contracts, judgments, or document bundles into something a lawyer can review quickly
- Producing first-draft clauses, correspondence, or internal memos that a lawyer then edits and takes responsibility for
- Reviewing a document for a narrow, defined issue — for example, flagging every clause that touches a specific obligation
- Working across Arabic and English, which matters in Saudi Arabia because contracts, pleadings, judgments, and official correspondence are predominantly Arabic
What it is not good at is the part that actually makes someone a lawyer. Legal judgment and the authority to advise a client stay with the lawyer, not the tool. Citations, case references, and statutory detail an AI produces can be wrong or invented outright, so nothing reaches a client or a counterparty without the lawyer checking it against the real source. And AI has no way to weigh the specific facts of a matter the way the lawyer responsible for it does — it can draft around a fact pattern, but it cannot own the judgment call.
What actually happens when a matter document goes into a public AI tool
When a lawyer pastes a contract, a client's personal details, or a dispute summary into a consumer AI chat tool to save time, that content leaves the firm's premises and is processed on a third party's servers, usually outside the Kingdom, under terms the firm did not negotiate and does not control. Depending on the tool, that content may be retained, used to improve the provider's models, or accessible to the provider's own staff. None of that requires bad intent from anyone — it usually happens because a deadline makes the fastest tool the one that gets used. But it is difficult to reconcile with a lawyer's duty of confidentiality toward client matters, and it raises precisely the cross-border-transfer and third-party-access questions that Saudi Arabia's Personal Data Protection Law (PDPL) exists to address.
The pattern firms actually discover: it is rarely one dramatic incident. More often, a firm learns after the fact that several lawyers had already been pasting client documents into public AI tools for months — not because anyone approved it, but because it was the fastest option under deadline pressure.
A workable framework: classify first, decide second
The realistic answer sits between two failed extremes. Banning AI outright tends to push its use underground, where the firm has no visibility at all. Allowing it without limits creates exactly the confidentiality exposure described above. The framework that actually holds up in practice has three parts:
- Keep client-identifying material and matter content processed on infrastructure the firm itself controls, not a third party's servers
- Allow general legal research, drafting boilerplate, and non-matter work on an approved cloud AI provider, under firm policy and the firm's own account
- Make the classification automatic, at the point a prompt is submitted — not a judgment call left to each lawyer under deadline pressure, which is exactly where the previous approach breaks down
Per-matter confidentiality evidence as a client-trust asset
Corporate clients are increasingly asking their outside counsel how AI is used on their matters, not just whether it is used at all. A firm that can only assert it doesn't use AI on sensitive files is asking the client to take that assurance on faith. A firm that can show, per matter, where content was actually processed turns the same question into a point of differentiation rather than a risk to manage defensively.
How Ithbat applies this framework
Ithbat is an on-premise AI gateway that installs on hardware the firm already owns and runs Arabic-first models locally. It classifies every prompt before processing it, checking for Saudi-sensitive indicators — national ID or Iqama numbers, IBAN, VAT and commercial registration numbers, phone and email details, client financial records, and related Arabic and English keywords. Anything flagged as sensitive is kept and served on the firm's own hardware and is never offered to a cloud provider; that is a hard guard built into the system, not a setting a lawyer can turn off under deadline pressure. Non-sensitive, everyday prompts can still be routed to an approved frontier cloud AI on the firm's own account when that is useful, and both paths are governed and logged.
Every inference — whether handled locally or routed to the cloud — produces a hash-chained, tamper-evident evidence record. Only metadata about that record reaches the coordinator dashboard; the actual prompt, response, and any cloud API keys never leave the firm's node. Rolled up per matter, this becomes a bilingual Client Confidentiality Assurance report mapped to PDPL and NDMO concepts, which a firm can share when a client asks how a matter was handled. Because sensitive content is processed on-premise inside Saudi Arabia rather than transferred elsewhere, this is designed for PDPL alignment by construction — formal certification is still completed with the firm's own assessor.