The "OpenAI" Subpoena: Is Your P.I. Accidentally Making your Case Files Discoverable?
The Nightmare Scenario
You hire a private investigator to assist with a sensitive corporate embezzlement case or a high-asset divorce. You send over the discovery file—PDFs of depositions, bank statements, and your own case notes outlining legal strategy.
Two weeks later, opposing counsel files a motion to compel discovery of "all third-party AI prompts and outputs."
You think you’re safe. You think that’s work product. But you might be wrong. Why? Because your PI, trying to save time, uploaded your PDFs into a public instance of ChatGPT to "summarize the key dates."
By doing so, they didn't just break confidentiality; they effectively handed your privileged strategy to a third party (OpenAI), creating a permanent digital record that is potentially discoverable.
The Weakest Link in Your Cyber-Security
Most attorneys understand they shouldn't put client data into public AI tools. However, very few vet whether their vendors are doing it.
The barrier to entry for "AI Investigation" is dangerously low. Any PI can buy a $20 subscription to ChatGPT, upload your documents, and ask it to find contradictions. It’s fast, it’s cheap, and it exposes you to three massive risks:
Data Retention: Standard AI models (like the consumer versions of ChatGPT, Claude, or Gemini) retain inputs to train their future models. Your client's secrets become the AI’s learning material.
Third-Party Disclosure: When a PI uploads a deposition, they are technically sharing it with a third-party vendor without a Business Associate Agreement (BAA) or data segregation policy.
The Waiver Risk: Courts are increasingly viewing this as a waiver of privilege. You cannot claim confidentiality for a document you voluntarily fed into a public machine learning algorithm.
The Solution: Private Intelligence vs. Public AI
This doesn’t mean we shouldn't use AI. We absolutely should—it is the most powerful tool for analyzing large datasets in history. But which AI we use matters.
At OnTrial, we differentiate between Public AI and CLOSINT (Closed-Source Intelligence).
When we process your case files, we never use public, web-based chatbots. We use locally hosted or enterprise-segregated Large Language Models (LLMs) where the data retention policy is set to zero.
No Training: Your case data is never used to teach the model.
No Retention: Once the analysis is run, the instance is wiped.
No Leakage: The "brain" we use to analyze your case is walled off from the public internet.
Client Task: The 5-Minute "Turing Test" for Your PI
Do you suspect your current investigator might be cutting corners with public AI? You don't need to be a coder to check. Open their last report and perform this 3-step audit.
1. The "Ghost Quote" Audit (CRITICAL)
AI models are trained to be conversational. They often "paraphrase" a witness's sentiment but present it as a direct quote to look authoritative. If you put a hallucinated quote in a motion, you get sanctioned, not the PI.
The Test: Pick a sentence in the PI's summary enclosed in "quotation marks."
The Action: Open the original transcript PDF and press Ctrl + F. Paste the quote exactly as it appears in the report.
The Red Flag: If your search returns 0 Results, the quote is a hallucination. The AI invented the wording, and your investigator didn't verify it.
2. The "Robot Vocabulary" Search
LLMs rely on a specific set of words that humans rarely use in professional investigative writing. Search the report (Ctrl + F) for these tell-tale words:
"Delve"
"Tapestry"
"Underscore"
"Testament"
The Red Flag: If these words appear frequently, it is highly likely the text was generated by a standard GPT-4 model without human editing.
3. The "Policy" Demand
Do not rely on free online "AI Detectors"—uploading your privileged report to another website just compounds the security risk. Instead, send this one-line email to your vendor:
"Please forward me your firm’s Data Retention Policy regarding the use of Generative AI with client data. Specifically, do you use public-facing models or enterprise-segregated instances with zero retention?"
If they don't have a policy, or if they take three days to reply, you have your answer.