Client/Firm Privilege Boundary Orchestrator for Sydney Boutique Firms: Stop Privilege Bleeding Across Matters

You run a six-lawyer firm in Sydney. One partner is preparing expert evidence for an ART matter; another is running a commercial dispute for a client whose interests touch the same sector. The same shared GPT workspace, the same internal knowledge base, the same AI drafting tools that helped you compete with mid-tier firms last year are now the thing keeping you up at night. A prompt typed into the wrong window, a retrieval index that pulled in matter notes it shouldn’t have, a model fine-tuned on transcripts from Client A surfacing phrasing in a draft for Client B — none of these leave a paper trail you can hand a court. The Client/Firm Privilege Boundary Orchestrator is built to make those boundaries explicit, enforced, and auditable.

The problem

Boutique firms run lean. The same lawyers move across matters, the same junior staff draft across clients, and the same AI tools (chat assistants, retrieval-augmented search over the firm’s document store, internal automation) sit on top of all of it. That efficiency is also the privilege risk: there is rarely a hard technical boundary between Matter A and Matter B, between client-confidential material and firm-internal use, or between work-product covered by legal professional privilege and the prompts and context windows the firm uses to generate it.

For a boutique handling ART expert evidence work, this compounds. Expert reports filed under ART practice directions are expected to reflect the expert’s independent reasoning and disclose the assistance behind them. If a firm-internal AI tool has drawn on adjacent client matters to shape an expert’s draft — even inadvertently — the firm is exposed on two fronts at once: a privilege-bleed problem with the originating client, and a candour and independence problem with the tribunal.

Manual policies (“don’t paste client material into ChatGPT”) do not survive the pace of a working week. What’s needed is an enforcement layer that knows which matter a session belongs to, which retrieval sources it is allowed to touch, and what gets logged.

What the Client/Firm Privilege Boundary Orchestrator does

The Client/Firm Privilege Boundary Orchestrator manages privilege boundaries between client work and firm-internal use of AI. It sits between your lawyers’ AI tooling and the firm’s document and knowledge stores, and enforces three things:

• Matter-scoped sessions. Every AI interaction is bound to a single matter ID. Retrieval is constrained to that matter’s document set plus explicitly allowed firm-general resources (precedent libraries, public materials).
• Cross-matter contamination blocks. Attempts to pull context from another active matter are blocked at the retrieval layer, not flagged after the fact.
• Audit trail per session. Each session produces a record of which sources were accessed, which were blocked, and which prompts and outputs were generated — sufficient for an internal privilege review or a response to a tribunal query.

How it works

1. Matter registration. Each open matter is registered with a client ID, conflict-check status, and an allowed-sources policy (which folders, which precedent libraries, which firm-general resources may be drawn on).
2. Session binding. When a lawyer or paralegal opens an AI session, they select the matter. The orchestrator scopes retrieval and tool access to that matter’s permitted sources for the life of the session.
3. Boundary enforcement. Retrieval requests are filtered before reaching the model. Attempts to access another matter’s documents are refused and logged.
4. Audit log generation. Every session writes a structured log: matter ID, user, sources retrieved, sources blocked, prompt summaries, and output hashes. The log is retained on firm-controlled storage.
5. Periodic boundary review. Logs are summarised into a weekly review pack the firm’s risk partner can sign off on — flagging any sessions that triggered blocks, any matters with unusual cross-references, and any expert-evidence matters that touched firm-general AI tooling.

Why this matters in Sydney

Boutique firms in Sydney compete on responsiveness and specialist expertise. Many are taking on ART work — migration, NDIS, veterans’ affairs, social services review — where expert evidence directions require transparency about how a report was prepared and what assistance the expert received. The Administrative Review Tribunal’s practice directions and guidance set the framework for how expert and other evidence is to be put before the tribunal, and practitioners are expected to be able to account for the integrity of the materials they file.

For a small firm running both ART matters and adjacent commercial work for clients in regulated industries, the absence of a technical privilege boundary inside the firm’s AI stack is a foreseeable problem. The Orchestrator is the layer that makes “we don’t mix matters” a defensible statement rather than a hopeful one.

Sources

• Administrative Review Tribunal — Practice Directions and Other Guidance: https://www.art.gov.au/help-and-resources/professionals-and-practitioners/practice-directions-and-other-guidance

Exegesis capability references:

• Client/Firm Privilege Boundary Orchestrator (catalog: 03_Agentic_Solutions/Client_Firm_Privilege_Boundary_Orchestrator.md)
• RuleCheck by Exegesis — open-source citation verifier: https://github.com/andrefabre/rulecheck

Join the waitlist

Join the waitlist — be the first to know when access opens for Sydney boutique firms

The Client/Firm Privilege Boundary Orchestrator is in build. We’re working with a small number of Sydney boutique firms to scope the deployment model (firm-hosted, Exegesis-hosted, or hybrid) and the right pricing structure. Join the waitlist and what we hear from you will shape how the tier you sit in actually works.