Resource
Privacy by Design for Legal AI
Principles for minimizing sensitive data, redaction, and safe UX cues in legal-adjacent products.
Principles
- Minimize: Ask for the smallest amount of information needed.
- Redact: Encourage removing names, addresses, account numbers, case numbers.
- Warn: UI should remind users not to paste sensitive data.
- Separate: Keep analytics and user content isolated.
- Audit: For hosted systems, log access and retention policies.
UX patterns that help
- Place “do not paste sensitive data” reminders near inputs.
- Provide examples of safe prompts.
- Offer downloadable summaries without storing content.
This demo site follows the last point: it runs in your browser and does not upload text anywhere.