Skip to main content

Legal Privilege

The legal-privilege policy is an output-phase blocker for privileged legal phrases. It scans generated output text for configured markers, or a small built-in default list, and blocks the response when a marker is found.

Configuration

pack:
name: legal-privilege
version: "1.0.0"
enabled: true

policies:
chain:
- legal-privilege

policy:
legal-privilege:
privilege_markers:
- "attorney-client privilege"
- "privileged and confidential"
- "work product"
- "for legal review only"

Fields

FieldTypeDescriptionDefault
privilege_markersstring[]Case-insensitive markers that trigger blocking when they appear in output text. If omitted, the gateway uses the built-in defaults shown above.built-in list
actionblockThe only accepted action; a matching output is always blocked.block

How it works

  1. Output extraction: the server extracts response text from the buffered model output.
  2. Marker scan: the gateway lowercases the text and checks whether any configured or built-in marker appears as a substring.
  3. Verdict: a match returns Verdict::Block with reason_code = "legal.privilege_detected".
  4. Audit details: the decision event records whether a hit occurred and how many markers were active.

Important limitations

  • The current policy evaluates output text only. It does not scan inbound prompts.
  • There is no redact or escalate mode for this policy.
  • action is optional because blocking is the only supported runtime behavior.

Valid examples

Use built-in defaults

pack:
name: legal-defaults
version: "1.0.0"
enabled: true

policies:
chain:
- legal-privilege

policy:
legal-privilege: {}

Add organization-specific privilege markers

pack:
name: litigation-review
version: "1.0.0"
enabled: true

policies:
chain:
- legal-privilege

policy:
legal-privilege:
privilege_markers:
- "attorney-client privilege"
- "work product"
- "for legal review only"
- "settlement draft"
- "outside counsel only"

Best practices

  • Put the policy in output chains that produce legal analysis, summaries, or draft memoranda.
  • Extend privilege_markers with your jurisdictional or organization-specific labels.
  • Pair with case-privacy, upl-filter, and pii-detector for broader legal-data controls.

Next steps