Privilege Firewall Orchestrator for Brisbane Boutique Firms: Stop AI Tools Cross-Pollinating Client Matters

You run a seven-lawyer commercial practice in the Brisbane CBD. Two of your partners are on opposite sides of a dispute that didn’t exist eighteen months ago — one acts for a former director, the other for the company. Both are using the same firm-wide AI assistant for drafting. Last week a junior asked it to summarise “the position on the shareholder deed” and the response cited a fact pattern that could only have come from the other matter. Nobody filed anything. But you now have a confidentiality problem that didn’t exist before the tooling did. The Privilege Firewall Orchestrator is built to prevent that class of leakage at the orchestration layer — before any AI tool ever sees the cross-matter context.

The problem

Boutique firms under 10 lawyers run hot. The same practitioners touch multiple matters in a day, often for clients whose interests are adverse or where information barriers would ordinarily apply. General-purpose AI tools — drafting assistants, retrieval systems, summarisation agents — don’t natively recognise matter boundaries. A model trained or prompted with content from Matter A can surface that content when working on Matter B, particularly when retrieval-augmented generation systems are pointed at a shared document store. The Australian Solicitors’ Conduct Rules require solicitors to maintain client confidentiality (Rule 9) and avoid conflicts of duty between current clients (Rule 11). Neither rule cares whether the breach was caused by a person or a model the firm deployed. The Administrative Review Tribunal’s Practice Directions on expert evidence and procedural conduct expect practitioners to be able to account for the provenance of material relied on in proceedings — a difficult conversation if a draft was produced by a tool that cannot demonstrate matter isolation.

What the Privilege Firewall Orchestrator does

The Privilege Firewall Orchestrator sits between your practitioners and any AI tool the firm uses. It enforces matter-level isolation: every prompt, retrieval call, and document upload is tagged to a specific matter ID, and the orchestrator refuses to combine context across matters that haven’t been explicitly cleared. The deliverable is a multi-matter privilege firewall — it prevents AI tools cross-pollinating confidential content between client matters, and produces an audit trail showing which matter each AI interaction touched. The orchestrator is deterministic at the routing layer: it does not rely on a language model to “decide” whether two matters are related. Conflict and isolation decisions are made against the firm’s matter registry, not inferred.

How it works

1. Matter registry sync — The orchestrator ingests your practice management system’s matter list, including client identifiers, adverse parties, and any information-barrier flags your firm already maintains.
2. Session binding — When a practitioner opens an AI session, they select the matter. The orchestrator binds the session to that matter ID; prompts, file uploads, and retrieval queries are scoped to that matter only.
3. Cross-matter block — Requests that would pull context from a different matter (or from a matter flagged as adverse) are refused at the orchestrator layer, before any request reaches the underlying AI tool.
4. Audit log — Every AI interaction is logged with matter ID, practitioner, timestamp, and tool invoked. The log is exportable for internal compliance review or in response to a tribunal direction.
5. Periodic conflict re-check — When a new matter is opened, the orchestrator re-evaluates existing sessions against the updated conflict graph and flags any practitioner whose recent AI activity touches a now-adverse client.

Why this matters in Brisbane

Queensland’s boutique commercial and litigation market is dense — practitioners move between firms, and matters that looked unrelated at intake routinely become adverse as parties join or counterclaims are filed. The Administrative Review Tribunal sits in Brisbane and hears matters in which expert evidence and document provenance are scrutinised; practitioners appearing before the ART are expected to be able to explain how material in their possession was generated and segregated. ASCR Rule 9 confidentiality obligations apply uniformly, but the practical risk concentrates in small firms where the same lawyer is the drafter, the supervisor, and the conflicts officer. A firewall enforced at the tooling layer reduces the chance that a busy afternoon produces a confidentiality breach nobody noticed until the other side asked an awkward question.

Sources

• Administrative Review Tribunal — Practice Directions and other guidance: https://www.art.gov.au/help-and-resources/professionals-and-practitioners/practice-directions-and-other-guidance
• Law Council of Australia — Australian Solicitors’ Conduct Rules (Rule 9 confidentiality; Rule 11 conflict of duties between current clients): https://lawcouncil.au/policy-agenda/regulation-of-the-profession-and-ethics/australian-solicitors-conduct-rules
• AustLII (Australasian Legal Information Institute): https://www.austlii.edu.au/

Exegesis capability references:

• RuleCheck by Exegesis — live beta
• Privilege Firewall Orchestrator spec

Join the waitlist

Join the waitlist — be the first to know when access opens for Brisbane boutique firms

The Privilege Firewall Orchestrator is in design partner intake. We’re scoping pricing around firm size (under 10 lawyers, 10–30, 30+) and AI tool footprint. Join the waitlist and we’ll work through your matter registry and conflict posture with you before access opens.