Two recent decisions, one from a US federal court in New York, and the other from a UK tribunal, have answered a question that most lawyers have not yet thought to ask: if you use a publicly available AI platform to work through a client matter, is that work protected?

And the short answer, in both jurisdictions, is no. And for lawyers practising in the UAE, whether in the UAE mainland, in the DIFC, or in the ADGM, the implications are direct.

The Decisions

United States v Heppner (Southern District of New York)

Bradley Heppner, knowing he was under criminal investigation, used Claude – a publicly available AI platform, to generate 31 documents analysing potential defence strategies. When the FBI executed a search warrant at his home, those documents were seized. When Heppner, through his counsel, asserted privilege over these documents, Judge Rakoff held they were unprotected on three independent grounds: the communications were with an AI platform, not a lawyer; Heppner had no reasonable expectation of confidentiality given the platform’s own terms of service; and privilege attaches only to communications made for the purpose of obtaining legal advice from a lawyer – a purpose an AI tool cannot fulfil. The court also held that even if Heppner had intended to share these documents with his counsel, these communications were already non-privileged and would not change into privileged ones upon being shared with his counsel. The Work Product doctrine (which protects materials generated by or at the behest of counsel) also did not come to Heppner’s aid because, as the court found, the document were not prepared by his attorney nor his agents.

One important nuance the decision leaves open: had his counsel directed Heppner’s use of the AI as part of the advisory process, the outcome might have differed.

Munir v Secretary of State for the Home Department [2026] UKUT 81 (IAC)

The UK’s Upper Tribunal reached the same conclusion by a different route, where the immediate issue was AI-generated fictitious legal authorities cited by a solicitor using a publicly available AI platform. However, the Tribunal went further and observed that uploading confidential client documents to an open-source AI tool places that material in the public domain and waives legal privilege. Where Heppner held that privilege never arose, Munir held that privilege existed but was lost the when the material was entered into a public platform.

What This Means for Lawyers in the UAE

UAE Mainland

The UAE does not recognise attorney-client privilege in the common law sense. The protection that exists is framed as a confidentiality obligation imposed on the attorney: Article 45 of UAE Federal Decree – Law No. 34 of 2022 requires attorneys to keep confidential all communications made in the course of their professional representation, subject to limited carve-outs include of crime-prevention.

Therefore, uploading client material to a public AI platform – one operated by a third-party commercial provider with its own data practices – is a direct breach of that duty. No privilege analysis is required to reach that conclusion as the lawyer has voluntarily placed the client’s information in the hands of a third party.

DIFC

In the DIFC, the rules of privilege operates via three layers.

The first is conduct. The DIFC Courts’ Mandatory Code of Conduct for Legal Practitioners (Order No. 2 of 2025) imposes at a binding obligation on all registered practitioners to keep client information confidential unless disclosure is authorised by the client, ordered by the Courts, or required by law – an obligation that survives the end of the engagement. Entering client material into a public AI platform would be a straightforward breach of this obligation.

The second is that the Code implicitly acknowledges an underlying privilege right that it does not define. Part C(1) of the Code provides that a practitioner withdrawing from a matter may not disclose information protected by “the client’s privilege of confidentiality” – a phrase the Code uses but never defines, insinuating that privilege exists as a pre-existing right rather than one the Code itself creates.

The third is statutory. DIFC Law No. 3 of 2004 – the Law on the Application of Civil and Commercial Laws in the DIFC, as consolidated in November 2024 – provides at Article 8A(3) that common law supplements DIFC Statute where no statutory provision covers the point, and that the DIFC Courts may have regard to the common law of England and Wales when determining what that common law is. There is no DIFC Statute that expansively defines privilege or waiver. Where that gap exists, the DIFC Courts may supplement DIFC law by reference to common law principles. And while Munir will not bind the DIFC Courts, it can be a reference point when the Courts turn to fill the gap. A practitioner facing a privilege challenge in the DIFC who has uploaded client material to a public AI platform may find Munir cited against them.

ADGM

The position in the ADGM is stronger.

Article 1(1) of the Application of English Law Regulations 2015 (“AELRs”) provides that the common law of England, including the rules and principles of equity, as it stands from time to time, shall apply and have legal force in, and form part of, the law of the ADGM. This is not a gap-filling mechanism or a discretionary reference point. English common law is directly incorporated into ADGM law.

The ADGM Court of Appeal settled the point in AC Network Holding Ltd v Polymath Ekar SPV1 [2023] ADGMCA 0002, holding that the doctrine of precedent is itself a feature of English common law and that ADGM courts are bound by it. Lord Hope drew the contrast with the DIFC plainly: in the DIFC, English law steps in only when the DIFC's own rules and other applicable law provide no answer; in the ADGM, it is the law.

Munir does not cite authority for its conclusion that uploading confidential material to a public AI platform places it in the public domain and waives privilege – the Tribunal states the position without attribution. But if that is a correct statement of English law, the consequence for ADGM practitioners follows directly: that same law forms part of ADGM law through Article 1(1) of the AELRs, and would reach the same conclusion.

The Practical Rule

Neither decision says that AI has no place in legal work. What they do say is that a public AI tool – one operated by a third-party provider under its own terms is not the right environment for client material. Lawyers working on contentious matters in particular should avoid uploading documents to any public platform, and instead look to AI services that offer closed environments, contractual confidentiality commitments, no training on client data, and clear data retention and deletion controls and policies.

Until a court in this region rules otherwise, there is only one defensible position on the rest: treat a public AI platform as public domain. These two decisions have already made the case.