If I was a law firm, I would not trust my client’s information with Harvey or OpenAI. It honestly doesn’t matter what they promise if my reputation is on the line. No company can promise not to be hacked or leaked.

I agree from the perspective that they're probably using the data to do training which is a big big no no in the space, but in terms of hacking, that's true of basically any platform. Certifications like SOCII and Fedramp exist, and even old players like relativity are moving into the cloud. Unless law firms suddenly start wanting to manage their own IT infrastructure, trusting some slice of tech is necessary.

But your firm can guarantee it won’t be hacked? Or broken into. Or social engineered. Or…

What's more likely - someone targeting your particular law firm or someone targeting OpenAI?

I’d say a small law firm. They don’t have a security team, they’re routinely targeted by phishers, and their data is easier to convert into money than the huge mass of (mostly completely uninteresting) data fed into ChatGPT.