Deterministic AI governance for law firms

Draft at AI speed. Verify with mathematical certainty.

Generative AI drafts fast. It cannot verify citations, enforce your policies, or prove supervision to a client, insurer, or bar inquiry.

We enforce an absolute split: let AI draft, then a deterministic spine verifies the record before anything leaves your firm.

CIPP/US certified · 30+ years verification engineering · Salma Saad

The AI Compliance Framework

Three operational risks every firm must govern.

The Verification Risk

Courts have sanctioned lawyers for fabricated citations (see Mata v. Avianca). A single hallucinated cite can trigger malpractice exposure and bar discipline.

What we do: GhostCite cross-references every citation directly against court records. We never use AI to check AI. GhostCite confirms that citations resolve and quoted language appears in the opinion; your existing citator, such as Shepard’s or KeyCite, still tells you whether those authorities are good law.

The Boundary Risk

Using third-party AI can waive attorney-client privilege (U.S. v. Heppner, 2026). Chat logs can be subpoenaed (In re OpenAI). One paste of a client name into the wrong tool can become a privilege fight.

What we do: Presidio redacts client names, case numbers, and identifiers before any text reaches an external API. Only anonymized text leaves your perimeter.

The Supervision Risk

Most firms have no technical mechanism to enforce operational redlines or prove firm rules were actually followed. When a client, insurer, or regulator demands proof of active supervision, a static policy PDF offers zero defense.

What we do: Preflight translates your firm’s compliance rules into enforceable code at the API perimeter, automatically blocking or allowing actions in real-time. Each check generates a tamper-evident, cryptographic receipt, allowing you to conclusively prove systemic oversight to external auditors without exposing privileged client data.

Before You Deploy Infrastructure, Govern What You Already Have

Most firms already have AI in use. The risk isn't that your team isn't using it; it's that no one is governing it.

Shadow AI is the gap between what your firm's policy says and what your attorneys actually do. Associates paste client names into ChatGPT. Partners use personal Claude accounts. Paralegals share drafts through consumer tools. None of it is logged. None of it is defensible.

Our Course 1 workshop, “Defeating Shadow AI, Governance via NIST AI RMF,” is a live session for managing partners, GCs, and risk committees. Flat fee. No subscription. No sales deck.

  • Map every AI tool your staff is currently using
  • Set enforceable guardrails aligned to NIST AI RMF
  • Document active supervision for clients, insurers, and bar inquiries
  • Understand the ISO CG 40 47 / CG 40 48 insurance blind spot before your next renewal

How the Deterministic Spine Works

We enforce an absolute operational split: generative language models handle drafting, while a secondary, deterministic spine verifies the integrity of the output. The AI drafts; the spine verifies without using AI. Verification (redaction, citation checking, and rules enforcement) is handled by deterministic systems, not generative AI, so you have a stable, inspectable record of what ran on each matter. We do not replace your research platforms or citators. Instead, we design the workflow so your current tools and GhostCite run together in a predictable, repeatable sequence.

Presidio

Redacts client names and PII identifiers automatically within your secure perimeter before any external API calls.

Open-source legal AI workspace

Our open-source legal AI workspace is built on a vetted open-source AI assistant for drafting and knowledge search. Installed in your cloud (MIT licensed), it drafts and analyzes using frontier LLMs on anonymized text.

GhostCite

Automatically verifies citations against authoritative court records, catching hallucinations before they cost you time.

Preflight

Enforces rules such as “contracts above $1M require partner approval” at the API layer, and issues cryptographic receipts that prove the rule fired without exposing privileged client data.

Start with training, not tools.

We train your leadership and practitioners to use AI safely and under supervision before we rewire your tech.

Implementation tracks, after your team is trained.

Most firms start with training and an AI governance assessment, then choose one of these three implementation tracks once they’re ready.

Track 1

Open-source legal AI workspace – Basic, Safe AI Drafting Cockpit

Best for: Small and mid-size litigation teams (≈5 to 40 lawyers).

Outcome: Turnkey deployment of your open-source legal AI workspace with Presidio redaction and GhostCite citation verification in your private cloud, plus a shadow AI inventory, an AI use policy, and training to help your team put that policy into practice. Includes governance playbooks tailored to your firm.

Pricing: Typical investment: $12,000 to $18,000 one-time, flat fee.

Not ready to own your own sovereign AI? Start Here

Track 3

Claude for Legal, Assisted Installation

Best for: Firms that want a fast Claude pilot using frontier models, without committing to sovereign infrastructure yet.

Outcome: Assisted installation of Claude for Legal desktop workspaces, plus a shadow AI inventory, an AI use policy, and training to help your team put that policy into practice. Includes governance playbooks, CourtListener guardrails, and tailored onboarding under firm supervision.

Pricing: Typical investment: $7,500 to $10,000 one-time, flat fee.

Flat fees shown on this site are tuned for solo, small, and mid-size litigation teams. Larger-firm sovereign deployments are scoped as custom enterprise projects once we understand your repositories, supervision needs, and audit requirements.

Security & Implementation

Security & perimeter: We retain an expert cybersecurity firm for perimeter design, hardening, and independent penetration testing. We supervise architecture and vendor management to ensure a legal-grade deployment for each firm.

Every engagement follows a structured sequence: 1) Discovery and AI governance design. 2) Architecture and connector design, including any MCP plugins. 3) Security perimeter implementation with an expert cybersecurity firm and independent testing. 4) Phased rollout and training, with audit-ready evidence of supervision and rules enforcement.

Step 1: Training & AI Governance for Your Firm

Most firms work with us first through these courses, then decide whether they want a deeper assessment or a sovereign setup.

Course 1: Defeating Shadow AI, Governance via NIST AI RMF & Claude for Legal

Target: Managing partners, GCs, CCOs, risk/ethics committees.

Outcome: An executive workshop that maps NIST AI RMF onto your firm’s real workflows and uses Claude’s governance capabilities.

Pricing: Flat fee: $3,500 to $4,500 per firm (smaller firms at the low end, larger firms at the high end).

Course 2: Secure Desktop Operations with Claude for Legal

Target: Litigation practice group chairs, senior associates, paralegal managers, KM/innovation leads.

Outcome: A hands-on lab where practitioners learn safe, efficient daily use of Claude desktop/legal tooling, including connectors, privilege scrubbing, and playbook-driven prompting.

Pricing: Flat fee: $3,500 to $5,000 per workshop, depending on scope and attendee count.

Not ready to commit to full training yet? We also offer a $500 AI Snapshot & Risk Brief: interviews with up to five people at your firm, plus a short report on how AI is used today and your top risks. Learn about the $500 Snapshot →

Own it, don’t rent it

Once your team is trained and your AI use is governed, the next question is whether you keep renting AI or build a sovereign system you own.

Stop paying rent for AI you’ll never own.

Closed platforms bill every user, every month, and lock you out when a better model launches. We install open-source tools in your own cloud, once.

Rented platforms

Harvey · Legora · CoCounsel

  • Per-seat fees that climb with every hire
  • Client data lives on the vendor’s servers
  • Locked into their model roadmap
  • You own nothing

$200 to $400 / user / month, forever

Own it outright

Your own sovereign system installed in your own perimeter

  • Open-source stack, one-time setup
  • Client data never leaves your control
  • Swap in any new model, anytime
  • You own it as a firm asset

Flat fee · one-time · zero monthly to us

Who We Serve

We work with solo practitioners, small firms, and mid-sized litigation teams who need sovereign infrastructure inside their own perimeter: deterministic verification, hardened data custody, and governance you can defend, without per-seat vendor lock-in.

We’ll show you when someone else wins

Our vendor-neutral Compare tool projects three-year TCO, maps where client data travels, and shows which platforms can prove supervision. No sales deck required.

Simplifying the Institutional Client Audit

When a corporate client, cyber-insurance carrier, or regulator demands proof of compliance, firms usually face a dangerous compromise: exposing internal system logs or manually redacting text, risking a catastrophic breach of attorney-client privilege on unrelated matters.

The Sovereign Solution

Open-source legal AI workspace – Professional, Cryptographic Fortress solves this friction natively. Instead of raw logs, you hand auditors a folder of tamper-evident compliance receipts generated by our deterministic spine, satisfying boards and internal audit committees without exposing proprietary data.

Cryptographic Verification Layer (ICME Labs & Preflight)

We partner with ICME Labs, creators of the cryptographic verification layer for AI agent actions. Preflight compiles your firm’s policy into formal logic, validates each action using a mathematical solver, and wraps the result in a cryptographic proof.

This extends AWS’s Automated Reasoning approach with a portable receipt: a third party can verify that a rule was strictly obeyed in under a second, without ever seeing your underlying data or policy. The ICME team, built by leaders from Stanford and Imperial College London, brings decades of legal practice, Congressional testimony, and peer-reviewed cryptography to your firm’s perimeter.

See verification in action

GhostCite checks court records deterministically, then shows you exactly what it found.


Common questions

How does Rule26 AI protect my practice from State Bar sanctions?

Bar sanctions come from two places: unverified citations in filings and failure to supervise staff AI use. We address both. GhostCite verifies every citation against court records before you file. And we replace unmonitored consumer AI accounts with a secure corporate perimeter and enforceable AI use policies.

How do your systems simplify compliance audits?

Open-source legal AI workspace – Professional maintains a ledger of tamper-evident cryptographic receipts. You can generate compliance receipts proving your data security rules were enforced, without exposing client files or transaction details.

What exactly is the 'deterministic spine'?

While generative engines are probabilistic tools used to draft and synthesize text, nothing in our verification loop relies on AI guessing. Presidio redacts PII at the perimeter before text reaches an LLM. GhostCite and Preflight form a rigid, mathematical safety net: GhostCite runs binary cross-references against primary legal archives, and Preflight compiles your firm rules into formal logic that a solver checks at the API gateway layer. ICME Labs builds the cryptographic verification layer for AI agent actions. If sending a file would violate a firm rule, the transfer is blocked before anything leaves your perimeter, and a receipt proves the block happened. The receipt is portable, so a third party can confirm a rule fired without seeing the data behind it.
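The block-then-receipt flow described above, as an added example that is not Preflight or ICME Labs code. It swaps the solver-backed cryptographic proof for a simpler technique, a SHA-256 hash chain over salted commitments, which gives tamper evidence but not a zero-knowledge proof. The field names, the numeric threshold and the idea of handing the auditor an anchored head hash are assumptions.

```python
import hashlib, json, secrets

RULE_ID = "contracts-over-1M-require-partner-approval"  # rule wording from the page
THRESHOLD_USD = 1_000_000                               # assumed encoding of "$1M"
GENESIS = "0" * 64

def digest(obj) -> str:
    # Canonical JSON so the same receipt always hashes to the same value.
    raw = json.dumps(obj, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(raw.encode()).hexdigest()

def check(action: dict) -> str:
    """Deterministic rule: no model involved, same input gives same decision."""
    if action["contract_value_usd"] > THRESHOLD_USD and not action["partner_approved"]:
        return "block"
    return "allow"

def issue_receipt(ledger: list, action: dict) -> dict:
    salt = secrets.token_hex(16)  # kept inside the firm with the action record
    body = {
        "seq": len(ledger),
        "rule": RULE_ID,
        "decision": check(action),
        # Salted commitment binds the receipt to the action without revealing it.
        "commitment": digest({"salt": salt, "action": action}),
        "prev": ledger[-1]["hash"] if ledger else GENESIS,
    }
    receipt = {**body, "hash": digest(body)}
    ledger.append(receipt)
    return {"receipt": receipt, "salt": salt}

def verify_ledger(ledger: list, anchored_head: str) -> bool:
    """Auditor side: sees receipts only, never the action or the salt."""
    prev = GENESIS
    for i, r in enumerate(ledger):
        body = {k: v for k, v in r.items() if k != "hash"}
        if r["seq"] != i or r["prev"] != prev or digest(body) != r["hash"]:
            return False
        prev = r["hash"]
    # The head must match a value the auditor received out of band earlier;
    # otherwise a full rewrite of the chain would go unnoticed.
    return prev == anchored_head

if __name__ == "__main__":
    ledger = []  # constructed sample actions, not real matter data
    issue_receipt(ledger, {"matter": "M-001", "contract_value_usd": 2_500_000, "partner_approved": False})
    issue_receipt(ledger, {"matter": "M-002", "contract_value_usd": 400_000, "partner_approved": False})
    print([r["decision"] for r in ledger], verify_ledger(ledger, ledger[-1]["hash"]))
```

The firm can later open a single commitment by disclosing that action and its salt, without revealing any other matter in the ledger.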

Will this replace my staff?

No. We set up supervised workflows; your people still review, judge, and sign off.

Do we have to replace the tools we already use, like Clio, Google Drive, or our citator?

No. Each deployment is a semi-custom build, like a semi-custom kitchen. We integrate the tools you already rely on, such as Clio, Google Drive, and your existing citator, into your workflow instead of replacing them. During discovery we evaluate how your team actually drafts, researches, and runs citation checks, then build around that. Before go-live, we walk through the workflows and test them together with your team to make sure the setup works for how you really practice.

How long does deployment take?

This depends on the complexity of your firm's requirements. Depending on the system, it may take several weeks to a couple of months. We will provide a clear timeline after your initial consultation.

Do I own the system, or is it a subscription?

You own it. We deploy sovereign AI infrastructure inside your own cloud perimeter, built on open-source footprints your firm controls, rather than renting per-seat access to an external platform.

Does GhostCite use AI?

Not for verification. GhostCite's primary verification is deterministic: it checks citations and quotes directly against CourtListener's indexed court records. No generative AI is involved in that step.

However, when a deterministic lookup fails (e.g., due to formatting variations or very recent cases), GhostCite may use CourtListener's semantic search as a fallback. Semantic search uses embedding models to find cases by meaning, not exact text. This is not generative AI. It does not create new text or summarize opinions. It simply helps locate cases that a strict citation match might miss.

If semantic search is used, GhostCite clearly labels the result as "semantic search fallback" and reminds you to verify the original source. You remain responsible for final verification.

What happens to text I paste into GhostCite?

We do not train models on your briefs. Guest mode does not save history; accounts store metadata for your audit trail only.

Does GhostCite replace Shepardizing or KeyCite?

No. GhostCite confirms that the building blocks of your brief actually exist in the public record: citations resolve in CourtListener, case names match, and quoted language appears in the opinion. It does not tell you whether a case is still good law, overruled, or negatively treated. For doctrinal validity, we recommend that firms continue to use Shepard's and KeyCite (or their existing citator) and treat GhostCite as the hallucination-detection layer in between AI drafting and a final citator check. High-volume users may choose to support CourtListener with a paid membership for higher API limits, but GhostCite itself remains free.

Does professional liability insurance cover legal AI mistakes?

Many E&O and CGL policies do not automatically cover third-party AI liability. Carriers are adding ISO endorsements CG 40 47 and CG 40 48 that can exclude AI-related claims on renewal. Without auditable AI governance and verification, firms may effectively self-insure malpractice and sanctions risk. Rule26 infrastructure and training document supervision for insurer and bar scrutiny.