Research shows that nearly two-thirds of fee earners use open source artificial intelligence tools such as ChatGPT, admitting that client data and confidentiality can be compromised.
A study by legal software company Access Legal revealed that 59% of 200 UK legal professionals surveyed by Censuswide said they had used unapproved AI applications, such as the free version of ChatGPT, in their client work, in direct breach of the SRA’s Code of Conduct and despite recent warnings given in a landmark court case.
Apex Court’s judgment in Munir v. Secretary of State for the Ministry of Home Affairs [2026] UKUT 81 (IAC) confirmed that the use of open AI applications permanently waives legal professional privilege and breaches client confidentiality. Although the court did not rule that AI has no place in the practice of law, it did draw a clear distinction between open source, public tools and closed, enterprise-level environments where data remains under the control of the company.
As part of our research, we asked 100 UK-based legal leaders (managing directors and practice managers aged 30+) about the oversight of AI within their companies, and 68% said they were fully aware of the use of AI in their companies and believed there was “zero risk” from unauthorized use of AI. The court made clear that this type of conduct warrants referral to the SRA and must in any case be reported to the Information Commissioner’s Office.
Access Legal warns that the investigation has uncovered a disconnect that has significant regulatory implications. Under the SRA Code of Conduct, company leaders have a direct duty of oversight. Leaders who believe their companies have no exposure, even though fee earners are actively using tools for which courts have now ruled waivers, are in breach of that obligation.
Almost three-quarters (71%) of paralegals and 57% of lawyers surveyed admitted to using unapproved AI to meet workload demands, indicating a disconnect between the tools fee earners want and the tools companies are providing, Access Legal said. Although half of the fee earners surveyed said they would like to incorporate AI into their case management systems, only 25% of responding companies currently have that capability in place, a gap that is driving the use of unapproved alternatives, Access Legal said.
Access Andrew Stevens, general manager at Legal, said: “What surprised us was that our research strongly indicates the sheer number of legal professionals using unapproved AI tools and that a significant proportion of leaders are unaware. “We all understand that practitioners are looking for ways to work faster, but after Munir, the consequences of dabbling with the wrong tools are no longer theoretical, they are regulated, permanent, and well-documented.”
For business leaders, Access Legal suggests that the question is no longer whether shadow AI use is occurring, but whether leaders know about it and what they are doing about it.
“Companies that want to get ahead of the curve need to act on two fronts. The first is technology. By providing employees with approved, secure tools that meet the demands of their jobs, there is no incentive to go elsewhere,” Stevens added.
“The second is culture and oversight. Having open conversations at all levels about what people are using and why they’re using it, and putting in place clear oversight. Companies that do both are in a much stronger position. Companies that do neither are exposed in a way that they can no longer exist post-Mounir.”
