At a CZ and Friends podcast recording, the morning a Cloudflare outage took down large sections of the internet, Cecilia Ziniti, GC AI's CEO and a three-time general counsel, described how GC AI handles data security in legal AI when a primary model provider goes offline:
"Obviously, OpenAI goes down in our case. We've got fail safes. We're able to hot swap models."
Danielle Sheer, Chief Trust Officer and Chief Legal and Compliance Officer at Commvault and the guest on that episode, had a name for what Cecilia described: a spare tire.
"What has to go down for you to be out of business? What are those things? And now tell me, what's your backup plan? What's your spare tire? How do you spin those things up while you're handling the remediation of like what happened? That's what boards want to know."
Sheer came to AI skeptically. Her read on the industry: companies are rushing legal AI adoption with gold rush speed and insufficient attention to what happens when something goes wrong. She drew an analogy to the electrical grid, every home in the US got wired for electricity fast, and homes went up in flames because the code came after the wiring. The code she looks for in legal AI is documented security infrastructure you can verify before the demo ends. Certifications discovered during lawyer review do not meet that bar.
After two years of working through that skepticism directly with Cecilia, Sheer arrived at a conclusion: GC AI gives her "the tone, the tenor, the reliability, the credibility of an LLM that was created by and for lawyers."
Her job is to know exactly how much to trust a vendor. The spare tire question has five legal AI equivalents, but before those questions can be asked usefully, the vocabulary needs to be in place.
Why Legal AI Security Is a Different Evaluation
Legal AI security requires three additional evaluation layers beyond standard enterprise software due diligence. Standard SOC 2 and GDPR procurement processes miss all three.
LLM Training on Confidential Documents
Most enterprise software vendors do not use your data to train their product. Legal AI vendors interact with large language model providers (OpenAI, Anthropic, Google, Cohere, and others) whose base models are trained on massive datasets. Unless your vendor has negotiated explicit zero data retention agreements with each of its LLM providers, your documents, prompts, and outputs could contribute to a model's next training run.
For in-house legal teams, the documents passing through a legal AI platform on a typical Tuesday include NDAs with M&A counterparties, board communications, privileged memoranda, employment investigations, and regulatory submissions. The training-data risk is specific and documentable. Ask every vendor: which of your LLM providers have you signed zero data retention agreements with, and can you produce the contracts?
Attorney-Client Privilege
Sharing documents with software vendors can raise questions about privilege and confidentiality, depending on the vendor's terms, data handling practices, and applicable ethics guidance. The privilege analysis for legal AI continues to evolve as courts and bar associations issue guidance. ABA Formal Opinion 512 (2024) directs lawyers to consider, among other ethical obligations, how AI systems handle client confidences before use. Platforms with documented data segregation, no persistent storage of inputs and outputs, and clear contractual commitments on data use provide a more defensible posture than platforms relying on generic enterprise data policies.
Cross-Border Data Flows
In-house legal teams supporting global companies routinely process documents that touch EU personal data, UK GDPR requirements, and cross-border transfer restrictions under Chapter V of the GDPR. The category includes merger agreements with German counterparties, French employee separation letters, and UK regulatory submissions. Each one creates a cross-border data flow question the moment it moves through a US-hosted AI platform. A legal AI vendor processing EU personal data on your behalf will typically act as a processor under GDPR, so the DPA should be structured to address Article 28 requirements.
What the Certifications Mean
Every major legal AI platform presents a certification portfolio. SOC 2 Type II is now table stakes across the category. The meaningful evaluation happens at the layer below: what each certification proves, where the gaps sit, and what to require beyond the checklist.
SOC 2 Type II
SOC 2 is an auditing framework developed by the AICPA covering five trust service criteria: security, availability, processing integrity, confidentiality, and privacy. A Type II report covers a sustained audit period (typically six to twelve months) and confirms that security controls operated as designed over time. For legal AI procurement, SOC 2 Type II is the minimum acceptable certification and the floor for any conversation about security infrastructure.
Ask how recently the audit was completed, which independent CPA firm conducted it, and whether the report covers all five trust service criteria. A report covering only the security criterion leaves availability, processing integrity, confidentiality, and privacy unaudited.
SOC 3
A SOC 3 report covers the same subject matter as SOC 2 Type II but is designed for public distribution without restrictions. Where SOC 2 Type II reports are typically shared only under NDA with qualified parties, SOC 3 is available on request to anyone: before a DPA, before a vendor security questionnaire, before procurement has opened a formal file. A vendor without a SOC 3 is asking you to evaluate their security posture on faith until a contract is in place.
Zero Data Retention
Zero data retention (ZDR) is a contractual commitment from an LLM provider that inputs and outputs sent via API are discarded immediately after processing. ZDR and "no model training" are two separate contractual commitments; a provider can offer one without the other. Require documentation of both: a ZDR agreement and a prohibition on using your data for model training.
Ask the vendor to specify which LLM providers in their stack carry each agreement. Enterprise agreements and zero data retention agreements are different commitments. Press for the specific contractual language covering each LLM, and map ZDR coverage to the providers handling your highest-sensitivity document processing.
AES-256
AES-256 (Advanced Encryption Standard with a 256-bit key) is the current US government standard for encrypting sensitive data at rest, including classified information. For data in transit, TLS 1.2 or higher provides comparable protection during transmission. Both standards should be treated as baseline requirements for any platform handling confidential legal documents. AES-256 at rest and TLS 1.2 or higher in transit should appear explicitly in any vendor's technical security documentation.
GDPR
The EU General Data Protection Regulation governs the processing of EU personal data. For in-house legal teams at companies with EU operations, GDPR compliance requires documented data processing agreements, a lawful basis for processing, and mechanisms for cross-border transfers. Standard Contractual Clauses are the most common transfer mechanism. Any legal AI vendor processing EU personal data on your behalf operates as a data processor under GDPR, meaning your DPA with them must meet the requirements of Article 28.
Five Questions That Separate Real Security Infrastructure From a PDF on a Website
Sheer's spare tire question has five legal AI equivalents. Each maps to one of the risks above.
Does the Platform Hold a Current SOC 2 Type II Certification?
SOC 2 Type II is the baseline. Ask how recently the audit was completed, which independent CPA firm conducted it, and whether the report covers all five trust service criteria. A report covering only the security criterion is incomplete for legal AI procurement; the audit must address all five trust service criteria: availability, processing integrity, confidentiality, and privacy.
Which LLM Providers Have Signed Zero Data Retention Agreements?
This is the most legally material question in the evaluation. Ask the vendor to identify which LLM providers in the stack carry ZDR agreements, and understand which of those providers handle your highest-sensitivity document processing. For platforms using multiple LLM providers, blanket ZDR across all of them is stronger than selective coverage. Require separate documentation of the ZDR agreement and the no-model-training commitment. These are two distinct contractual requirements.
How Does the Platform Handle Documents After Each Session?
Some platforms store uploaded documents in a knowledge base by default. Others process documents in memory only and discard them at session end. For confidential legal documents, the answer matters: an MNDA uploaded during one session should not be retrievable by another user, and it should not persist beyond your configured retention window. Require database-level data segregation, with your organization's data held in its own isolated index.
What Encryption Standards Govern Data at Rest and in Transit?
AES-256 at rest and TLS 1.2 or higher in transit are the current standards for sensitive data. Ask the vendor to confirm both standards apply to your documents, your conversation history, and any intermediate storage between your session and the LLM provider's API. Anything below AES-256 at rest is worth investigating before a DPA is signed.
Does the Platform Publish a Trust Center?
A Trust Center is a publicly accessible portal where enterprise buyers can request SOC reports, review sub-processor lists, and read security policies without signing an NDA first. Vendors without one ask you to evaluate their security posture on faith. GC AI's Trust Center and Security page provide downloadable SOC reports, sub-processor lists, and DPA documentation without requiring an NDA. A published Trust Center is now a baseline expectation for enterprise legal AI procurement.
[Start my 14-day free trial] [Book a Demo with our Solutions Attorneys]
How the Market Compares on Security
Every major legal AI platform (GC AI, Harvey, Spellbook, and ChatGPT Enterprise) holds SOC 2 Type II certification as of May 2026. The certification floor is a wash. The differences emerge in three layers above it.
Platform | SOC 2 Type II | SOC 3 | GDPR | Best For |
GC AI | Yes | Yes (public, no NDA required) | Yes | Purpose-built for in-house legal |
Harvey | Yes | No | Yes | Enterprise law firms and in-house |
Spellbook | Yes | No | Yes | Law firms and in-house |
ChatGPT Enterprise | Yes | No | Yes | General business use |
SOC 3 accessibility. GC AI's SOC 3 is publicly available without an NDA. Any client, partner, auditor, or procurement team can request it on first contact: before a DPA, before a formal vendor security questionnaire. Harvey, Spellbook, and ChatGPT Enterprise publicly disclose SOC 2 Type II. Publicly available SOC 3 reports for these vendors were not located as of May 2026 (verify against each vendor's trust portal before signing).
ZDR scope. Harvey holds ZDR agreements across all of its LLM providers (OpenAI, Anthropic, and Google Gemini), the broadest coverage in this comparison. GC AI and Spellbook both hold ZDR with OpenAI and Anthropic, which cover the primary document-processing workloads for most in-house legal teams. OpenAI offers ZDR for eligible API endpoints and qualifying use cases; ChatGPT Enterprise retention is controlled by workspace admins (per OpenAI Enterprise privacy).
Purpose-fit. Purpose-fit describes whether a platform was designed for in-house legal work from the start. The comparison table cannot capture it, but the evaluation must include it.
For a deeper breakdown of how each platform's security and in-house fit compares, see GC AI vs Harvey and GC AI vs Spellbook.
The Question Certifications Cannot Answer
SOC 2 Type II tells you the security controls were audited. It cannot tell you whether the platform was built with in-house legal work in mind.
Every platform in this comparison holds SOC 2 Type II. After you verify the certification, the ZDR agreements, and the encryption standards, you are left with the question no audit report covers: was in-house legal confidentiality baked into the architecture from day one, or added to the product roadmap after the Series B?
ChatGPT Enterprise carries the deepest certification portfolio in this comparison: ISO 27001, 27017, 27018, and 27701 alongside SOC 2 Type II. That is genuine infrastructure, audited and documented. The platform was designed for broad business workflows, because that is what it was built to do. A legal team routing privileged memoranda and M&A communications through it is adapting a general-purpose tool to a specific-purpose need. The certifications are real. The architecture was designed for something broader.
GC AI runs a system prompt more than 20,000 lines long telling the underlying LLM it is working for an in-house lawyer, on in-house problems, in an in-house context. That is an architectural choice, made by a CEO who spent years in the role the system prompt describes. Cecilia Ziniti, GC AI's CEO and co-founder, was a general counsel three times (Anki, Bloomtech, and Replit), and in-house counsel at Amazon and Cruise before she built GC AI.
She was the lawyer fielding questions about deals the business had already decided to do, reviewing vendor agreements the team could not afford to escalate, and managing outside counsel spend down to the last matter. When OpenAI went down the morning of the Cloudflare outage, GC AI's architecture swapped models in real time. That kind of redundancy gets built when the founder has been the one on call.
GC AI is SOC 2 Type II and SOC 3 certified, GDPR compliant, with zero data retention agreements with OpenAI and Anthropic, and AES-256 encryption. Data is segregated at the database level: your organization's documents are stored separately from other customers' data. Users may delete inputs and outputs at any time; full organizational erasure is available via security@getgc.ai.
Sub-processor lists, DPA templates, and SOC reports are in GC AI's Trust Center.
"Out of all the AI tools I've used, GC AI delivers the most impact for attorneys: confidential, reliable, and efficient.", Joys Choi, Sr. Director of Legal Operations, Tipalti
GC AI's free legal AI classes are built on the same premise: in-house teams that understand what they're deploying are better positioned to ask the five questions above and evaluate the answers.
Sheer's spare tire question is not complicated. It rarely gets asked before the demo ends and the contract begins. Ask the five questions. Require the documentation. Make the decision from evidence.
Frequently Asked Questions
What Is Data Security in Legal AI?
Data security in legal AI refers to the technical controls, contracts, and certifications that determine whether your confidential documents stay confidential after you upload them. For in-house legal teams, the relevant standards include SOC 2 Type II certification, zero data retention agreements with LLM providers, AES-256 encryption at rest, GDPR compliance, and database-level data segregation. The three risks specific to legal AI: LLM training on confidential documents, attorney-client privilege exposure from shared vendor infrastructure, and cross-border data handling requirements for global operations.
Is GC AI SOC 2 Certified?
GC AI is SOC 2 Type II and SOC 3 certified. SOC 2 Type II confirms that GC AI's security controls operated effectively over an independent audit period. SOC 3 is the public-facing version of that audit, available on request without an NDA. Full security documentation, sub-processor lists, and compliance reports are available in GC AI's Trust Center.
What Is Zero Data Retention and Why Does It Matter for Legal AI?
Zero data retention is a contractual commitment from an LLM provider that inputs and outputs sent via API are discarded immediately after processing; they are not stored, logged, or used for any other purpose. For legal AI platforms, ZDR agreements prevent your contracts, memoranda, and board communications from being retained by the underlying model provider. GC AI has zero data retention agreements with OpenAI and Anthropic. ZDR and "no model training" are separate commitments; require documentation of both.
Does GC AI Train on My Data?
No. GC AI does not use customer data for commercial model training. GC AI does not use documents, prompts, or outputs to train underlying AI models. GC AI's zero data retention agreements with OpenAI and Anthropic reinforce this at the provider level. Data stored on the GC AI platform is segregated at the database level and may be deleted by users at any time, or on request via security@getgc.ai.
What AI Legal Platforms Are SOC 2 Type II Certified?
GC AI, Harvey, Spellbook, and ChatGPT Enterprise all hold SOC 2 Type II certifications as of May 2026. GC AI additionally holds a SOC 3 certification, publicly accessible without an NDA. Harvey additionally holds ISO 27001. ChatGPT Enterprise holds ISO 27001, 27017, 27018, and 27701. Certifications confirm that security controls meet independent audit standards. They do not indicate which platform was purpose-built for legal confidentiality.
What Security Questions Should I Ask a Legal AI Vendor?
Ask five: (1) Do you hold a current SOC 2 Type II certification, and which firm conducts the audit? (2) Which of your LLM providers have signed zero data retention agreements, and can you produce the contracts? (3) How are documents handled after each session? (4) What encryption standards apply to data at rest and in transit? (5) Do you publish a Trust Center with downloadable SOC reports and sub-processor lists? The vendor who answers all five directly is the one worth your DPA.
How Does GC AI Handle Documents After I Upload Them?
Documents uploaded to GC AI are stored in a segregated database via Files, your organization's data is not co-mingled with other customers' data. Users may delete inputs and outputs at any time from within the platform. Full organizational data erasure is available on request via security@getgc.ai. Inputs sent to OpenAI and Anthropic are covered by zero data retention agreements. GC AI encrypts data at rest with AES-256 and in transit with TLS.
What Is the Best AI Legal Platform for Data Security?
For in-house legal teams, GC AI is purpose-built for legal confidentiality, with SOC 2 Type II and SOC 3 certifications, GDPR compliance, and zero data retention agreements with OpenAI and Anthropic. General-purpose platforms like ChatGPT Enterprise hold strong certification portfolios built for broad business workflows. For in-house legal teams evaluating legal AI data security, GC AI delivers purpose-fit architecture alongside the certification baseline.
Is GC AI GDPR Compliant?
GC AI is GDPR compliant. For in-house legal teams at companies with EU operations, GC AI supports the applicable cross-border transfer mechanisms and operates as a data processor under GDPR Article 28. Data processing documentation, DPA templates, and sub-processor lists are available in GC AI's Trust Center.
What Should My Team's Internal AI Tool Policy Include?
In-house legal teams need three things: an approved AI tool list, a ban on consumer AI for confidential work, and human review workflows for AI-generated output. The approved tool list distinguishes vetted legal AI platforms (operating under signed DPAs and ZDR agreements with their LLM providers) from public tools with no contractual data handling guarantees. When a client or auditor asks how confidential documents are protected, the team with a written AI tool policy has an answer.
