Privilege Perimeter Enforcement Gateway for Brisbane Boutique Firms: Stop Privilege Bleed Across Matters and Tools

You run a seven-lawyer firm in Brisbane. Two partners share the same AI assistant subscription. One is preparing an expert witness brief for an Administrative Review Tribunal matter; the other is acting for a counterparty in an unrelated commercial dispute. Both are pasting privileged client material into the same prompt history, the same vector store, the same chat threads. Nothing in the tool knows which matter is which, which content is privileged, or which user is allowed to see what. The Privilege Perimeter Enforcement Gateway is the boundary layer that should sit between your lawyers and any model they touch.

The problem

Boutique firms adopt AI faster than they staff governance for it. The same paralegal who drafts a witness statement in the morning runs a contract review in the afternoon — through the same assistant, on the same machine, with the same retained prompt history. Privileged communications, draft advice, and client-identifying material accumulate in tool memory that was never designed for a Chinese-wall environment.

The Australian Solicitors’ Conduct Rules require solicitors to maintain client confidentiality (Rule 9) and to avoid conflicts arising from concurrent retainers and from confidential information held about former clients (Rules 10 and 11). Those duties don’t pause because a tool is involved. When privileged content from Matter A ends up surfacing in a prompt completion for Matter B — through retrieval, fine-tuning, or shared context — the firm has a problem that pre-dates AI but is now far easier to trigger by accident.

The Administrative Review Tribunal’s practice directions and guidance for professionals set expectations about how expert evidence and supporting material are prepared and presented, which makes the integrity of the chain from instruction to filed material something each firm needs to be able to demonstrate, not just assert.

What the Privilege Perimeter Enforcement Gateway does

The Privilege Perimeter Enforcement Gateway provides boundary controls between privileged and non-privileged content on AI inputs and outputs. It sits as an enforcement layer in front of whichever model or assistant your firm uses, and applies matter-scoped, user-scoped rules to every prompt and every response:

Input classification — inbound prompts are tagged by matter, by client, and by privilege status before they reach the model
Output filtering — completions are checked against the requesting user’s matter scope; content that originated in a different matter context is blocked or redacted before it reaches the user
Cross-matter isolation — retrieval and context windows are partitioned so Matter A material cannot be silently pulled into a Matter B prompt
Audit trail — every input and output is logged with the matter ID, user, and decision, producing a record the firm can show a regulator, an insurer, or a client

The deliverable is the gateway itself plus the configuration that maps your firm’s matter list and conflict register to enforcement rules.

How it works

Matter and user mapping. We import your matter list and user roster, and define which users may access which matters. Conflicts and information-barrier requirements are encoded as rules, not as honour-system reminders.
Prompt interception. When a lawyer or paralegal submits a prompt to the firm’s AI tool, the gateway intercepts it, attaches matter and privilege metadata, and applies the firm’s rules before the prompt reaches the model.
Response inspection. Completions are inspected against the requesting user’s matter scope. Cross-matter content is redacted or the response is blocked, with a clear reason returned to the user.
Logging and review. Every interaction is recorded against matter, user, and decision. Partners can review the log; the firm can produce it on request.
Periodic rule review. As the matter list changes, the rule set is updated. RuleCheck-style deterministic checks are applied at the boundary — the enforcement decisions don’t rely on a separate LLM that could itself hallucinate.

Why this matters in Brisbane

Brisbane’s boutique firm market includes a heavy concentration of practitioners appearing in the Administrative Review Tribunal, the Queensland Civil and Administrative Tribunal, and the Federal Circuit and Family Court — jurisdictions where expert evidence and client-identifying material flow through small teams under tight timelines. The ART’s practice directions and guidance for professionals govern how expert and supporting evidence is to be prepared and presented, and the duty to preserve the integrity of that material sits with the practitioner regardless of which tools were used along the way.

The ASCR confidentiality and conflict duties apply uniformly across Australian jurisdictions, but the operational risk is concentrated in firms where one or two partners hold the bulk of the matter knowledge and share infrastructure with every other lawyer in the office. That’s the Brisbane boutique profile.

Sources

Administrative Review Tribunal — Practice Directions and Other Guidance: https://www.art.gov.au/help-and-resources/professionals-and-practitioners/practice-directions-and-other-guidance
Law Council of Australia — Australian Solicitors’ Conduct Rules: https://lawcouncil.au/policy-agenda/regulation-of-the-profession-and-ethics/australian-solicitors-conduct-rules
Federal Court of Australia — Use of Generative Artificial Intelligence Practice Note (GPN-AI): https://www.fedcourt.gov.au/law-and-practice/practice-documents/practice-notes/gpn-ai
AustLII (Australasian Legal Information Institute): https://www.austlii.edu.au/

Exegesis capability references:

Join the waitlist

Join the waitlist — be the first to know when access opens for Brisbane boutique firms

We’re scoping pricing for boutique firms (under ten lawyers) separately from larger deployments. Join the waitlist and tell us how your firm currently shares AI tooling across matters — what we hear shapes the rule library that ships with the gateway.