Cloud vs. local AI for lawyers — a practical framework
Not every matter needs the same AI posture. Here is the four-tier framework we use: cloud-safe, redact-first, local-only, and do-not-AI — and how to decide which tier a document belongs in.
Why the question is not "cloud or local"
Cloud AI tools (ChatGPT, Claude, Gemini) are the most capable and the easiest to use. Local models (via Ollama or LM Studio) keep everything on your hardware but trade away some capability. Framing it as a binary choice misses the real issue: what leaves your machine. ABA Formal Opinion 512 makes the stakes concrete — inputting confidential client information into a generative AI tool can require informed client consent. The practical answer is to sort each task into a tier before you paste anything.
Tier 1 — Cloud-safe
Work that contains no client confidences at all: legal research questions, drafting a generic clause library, summarizing a published opinion, writing a CLE outline. Use whichever cloud AI you prefer, directly. Nothing to redact, nothing to consent to.
Tier 2 — Redact-first (most client work lives here)
Work grounded in a real matter — summarizing a settlement, building a chronology from filings, drafting from a precedent agreement — where the substance is what you need the AI for and the identifiers are what make it confidential. Redact locally first: names, addresses, SSNs, account and case numbers become reversible tokens like [[PERSON:01]]; the tokenized copy goes to the AI; the answer decodes back to real names on your machine. This is the workflow Lex Redactus exists for — see the step-by-step guide. You review every detection before export; human review is the safety gate.
Tier 3 — Local-only
Matters where even a tokenized document should not reach a third-party server: the fact pattern itself is identifying (a small town, a unique transaction), a protective order or engagement term restricts disclosure, or the client has said no to cloud tools. Run a local model with Ollama or LM Studio and keep the entire round trip — document, redaction, AI, decode — on hardware you control. The redact-then-decode workflow works identically; expect a smaller model to need shorter documents and more specific prompts.
Tier 4 — Do-not-AI
Some material should not go into any model, local or cloud: privileged strategy where the AI's output could become discoverable work product you did not intend to create, documents under seal, grand-jury material, classified or export-controlled content, and anything a court order or engagement letter walls off. The fastest way to lose the benefit of a framework is to treat it as optional under deadline pressure — decide the tier first, then work.
Deciding in practice
- Default client work to Tier 2. If the document names a client, redact first — it takes minutes and produces a signed certificate recording what was protected.
- Escalate to Tier 3 when identity leaks through facts, not just names, or when an order/engagement says so.
- Ask the consent question early. If a matter will involve AI regularly, address it in the engagement letter rather than one paste at a time.
- Keep records. Whatever tier you choose, be able to show what you did — Lex Redactus seals every redaction and export in a tamper-evident certificate, which is documented diligence you can produce, not a compliance guarantee.
This guide is general information about workflow design, not legal advice, and using Lex Redactus creates no attorney-client relationship. How any rule applies to your matter is a judgment call that stays with you.
Ready to try it? Start a 14-day free trial — no card required.
Lex Redactus helps you prepare documents for attorney review. It is not legal advice and not a substitute for professional judgment, and it produces documented diligence, not guaranteed compliance. All examples use synthetic data.