CYBERSIGHT 360 | Latest legal insights on cyber security and cyber insurance. Learn more.

Client portal
Lander & Rogers Connect
Lander & Rogers logo

Statement of Artificial Intelligence Applicability

1. Objective

The Statement of Artificial Intelligence (AI) Applicability is designed to transparently communicate Lander and Rogers' use of AI to clients and stakeholders. The document serves as a structured guideline, addressing the ethical, practical, and technical aspects of AI use within Lander and Rogers (firm). Its primary intent is to foster trust and confidence by outlining the scope of the firm's AI applications, the safeguards the firm has in place to protect client data, and the governance measures the firm has for ensuring responsible AI use.

2. Introduction

(a) Purpose of the document

This document outlines the firm's use of AI (both generative AI and more traditional forms of machine learning) and aims to provide transparency, assure clients about the protection and governance of their data, and highlight compliance with legal, ethical, and regulatory standards.

(b) Overview of AI in Legal Practice

AI is used by the firm to enhance efficiency, accuracy, and client service by streamlining processes and reducing errors. However, oversight by legal professionals remains central in legal matters to ensure that professional judgment and expertise guide all legal services. All AI-assisted legal work is subject to solicitor review and supervision, ensuring AI is used solely as a support tool and not as a decision-maker.

3. Scope of AI usage in legal services

(a) Potential Applications of AI. AI may be applied in the provision of various legal services, including, but not limited to the following:

  • Meeting documentation and recording actions
  • Legal research
  • Data extraction and analysis
  • Document categorisation and analysis
  • eDiscovery
  • Contract analysis and preliminary drafting
  • Workflow automation for administrative tasks
  • Automation of routine tasks
  • Compliance and risk monitoring
  • Knowledge management
  • Translation.

(b) Limitations of AI

AI is not a replacement for legal judgment or expertise. To maintain professional independence, accountability, and integrity, the firm has identified explicit areas where AI is not used, such as decision-making and reasoning in legal advice.

4. Treatment of client data

(a) Data Handling and Privacy

  • (i) Client data is treated with the highest level of confidentiality. No training of AI models occurs using client data. We only use AI tools that are secure and have measures to protect your data in accordance with our confidentiality obligations.
  • (ii) All personally identifiable information is managed in strict compliance with all applicable privacy laws by the firm and by the firm's suppliers.

(b) Storage

AI involves the input of data (Prompts) to generate outputs in response. Firm approved AI tools used at the firm must be configured to allow for the disabling of Prompt storage, to ensure that confidential and/or sensitive client data inputs or outputs are not retained or stored beyond their intended purpose.

(c) Access

Access to AI-processed data is managed through access-based controls, with permissions granted only as necessary to perform specific tasks.

5. Data governance and security

(a) Key Governance Policies

The firm’s internal policies governing data use include data classification, and data lifecycle management, as well as regular audits to ensure compliance and effectiveness. Prompts and outputs of AI tools are subject to the same internal governance policies.

(b) Security Measures

Data (including both Prompts and outputs of AI tools) is protected using encryption both at rest and in transit. Continuous monitoring systems are in place to detect and prevent data breaches.

(c) Retention

Client data processed by AI (both Prompts and outputs) is retained only for as long as necessary. Secure deletion of client data is assured upon client request (subject to the conclusion of our risk management protocols for each client matter).

6. Ethical considerations and compliance

(a) AI Governance Framework

The firm adheres to principles of privacy, transparency, accuracy, and accountability in AI usage. Our AI Use Policy is regularly reviewed and updated to reflect evolving best practices.

(b) AI Error Detection and Prevention

The firm implements robust measures to detect and prevent AI errors, including hallucinations or inaccurate outputs. Human validation processes are in place to identify, review, and mitigate potential errors or risks arising from AI outputs. Continuous monitoring ensures outputs align with accuracy and reliability expectations.

(c) Compliance Standards

The firm complies with all applicable laws and regulations and is committed to best practices for Australian legal service providers to ensure ethical and lawful application of AI. The firm will also monitor and evolve our compliance program to meet maturing AI rulings ensuring continued adherence to legal and regulatory frameworks.

(d) Staff Training

The firm organises all partners and staff regular training on the ethical and practical aspects of responsible AI usage, to ensure responsible and effective application of AI tools and practices.

7. Key controls to protect client interests

(a) Oversight Mechanisms

All AI-assisted legal work is subject to human solicitor review and supervision to ensure accuracy and reliability. AI is strictly used as a support tool, with decision-making remaining a human professional responsibility.

(b) Guardrails in Place

To protect client data, the following measures are implemented:

  • (i) Encryption of data at rest and in transit.
  • (ii) Role-based access control policies to limit data exposure.
  • (iii) Maintenance of data sovereignty within Australia.
  • (iv) Data lifecycle management and classification policies to limit data exposure.
  • (v) Disabling of Prompts where applicable to safeguard confidential and/or sensitive data inputs.

8. Suppliers

(a) The firm expects all its suppliers to comply with the Supplier Code of Conduct available here including in relation to our policies for privacy, information security and AI use.

(b) Suppliers using client data require the following consent:

  • (i) Obtain our prior express written consent before using or deploying any AI system to provide legal services.
  • (ii) Obtain our written consent before making any changes to the AI system or the data upon which the AI system is trained that may affect the risk, functionality, or operation of our use or deployment of the AI system.

(c) Transparency

(i) Suppliers must:

  • (i) Do all things reasonable to assist us assess the level of risk associated with the AI system to implement best practice technical controls to detect fraudulent or unauthorised use;
  • (ii) Ensure that the provision of AI services does not involve the use of restricted data without our express written consent and monitor, detect, mitigate, and report any biases, hallucinations, distortions, or vulnerabilities in the AI output;
  • (iii) Give us permission to test, demonstrate, or pilot the AI system before deployment, at periods specified by us and promptly on request, so as to demonstrate compliance with their obligations and industry best practice (Audit); and
  • (iv) Notify us about the use or reliance or proposed reliance on any third-party software in providing AI services and ensure that we have the right to use such software.

(d) Quality and Compliance

(i) Suppliers must:

  • (i) Comply with all applicable data protection legislation and obtain all legally required consents and issue required notices in respect of any personal information contained within the training data; and
  • (ii) Warrant that the AI system is fit for purpose, of satisfactory quality, and materially free from defects, and indemnify us against all loss or damage arising from claims brought by third parties.

9. Client communication and assurance

(a) Commitment to Transparency

The firm’s AI Policy, including guidelines and practices, is made readily available to clients. Regular updates are provided regarding AI tools and methodologies. Clear communication channels are available for clients to raise concerns or ask questions about AI usage.

(b) Comfort and Collaboration

The firm assures clients that AI is used to enhance rather than replace personalised service. Collaboration with clients is prioritised to address specific concerns or preferences related to AI use.

10. Contact information

For inquiries, feedback, or concerns regarding AI use, clients may contact ai.governance@landers.com.au.

Last Updated: February 2025