Classified Data Gateway Orchestrator for Perth In-House Counsel: Stop Privilege Bleed Before It Crosses Matters

You run legal for a Perth-headquartered group with three operating subsidiaries, an ongoing regulatory investigation, a stalled acquisition, and a workforce that has discovered ChatGPT. A contracts paralegal pastes a draft into a model to “tighten the language” — except the draft references settlement positions from a separate matter, and the model’s context window now holds material that should never have left the matter file. The bleed isn’t theoretical; it’s the predictable consequence of running privileged content through general-purpose AI without a routing layer that knows which matter, which entity, and which privilege boundary applies. The Classified Data Gateway Orchestrator is the routing layer.

The problem

Privilege bleed across matters or firms is the unintended exposure of legally privileged or confidential information from one matter into the context of another — whether by shared model memory, careless prompt copying, retrieval pipelines that index across matter silos, or an AI tool that retains drafts beyond the engagement. For in-house counsel, the failure mode is structural: you sit at the apex of multiple privileged streams (board, regulatory, employment, M&A, disputes) and every internal team wants AI access to your documents. Once a regulator, opposing party or external auditor demonstrates that privileged content from Matter A informed an AI output used in Matter B, the privilege argument becomes difficult to sustain, and the duty of confidentiality under the Australian Solicitors’ Conduct Rules (ASCR) — applicable in Western Australia under the Legal Profession Uniform Law since 1 July 2022 — is engaged. Rule 9 (confidentiality) and Rule 10 (conflicts concerning former clients) are not satisfied by hoping the model “forgets”. They require a control surface.

What the Classified Data Gateway Orchestrator does

The Classified Data Gateway Orchestrator routes and handles classified, restricted, or privileged data through AI workflows under deterministic rules. It sits between your team’s drafting tools and any downstream AI capability — internal LLMs, retrieval systems, summarisation agents — and enforces three controls per request: classification (what is this content), entitlement (who and which matter is allowed to see it), and routing (which compute path is permitted for this classification). Content tagged as privileged to Matter A cannot enter a context window shared with Matter B. Content tagged as Board-confidential cannot be processed on a model path that lacks the required isolation. The orchestrator is the gatekeeper; the AI tools downstream become consumers of an already-cleared stream.

How it works

1. Classification ingest. Documents and prompts are tagged on entry — by matter ID, entity, privilege status, and sensitivity band. Tags come from your matter management system, document management system, or an explicit user declaration enforced at the interface.
2. Policy evaluation. Each request is checked against a deterministic policy set: ASCR Rule 9 confidentiality boundaries, internal information-barrier rules, and any matter-specific restrictions you’ve configured (e.g., ethical walls, regulatory holds, AML/CTF tipping-off boundaries).
3. Route selection. Permitted requests are routed to the compute path matching the classification — local model, isolated tenant, or denied with a logged reason. Cross-matter context assembly is blocked at the orchestrator layer, not left to the model.
4. Audit emission. Every routing decision (allowed, denied, escalated) is written to an immutable audit log keyed to matter, user, classification, and policy version — the artefact you produce when asked to demonstrate that privilege was preserved.
5. Periodic policy review. Policy sets are versioned and reviewed against ASCR amendments and your internal information-barrier register.

Why this matters in Perth

Western Australia adopted the Legal Profession Uniform Law on 1 July 2022, bringing WA solicitors — including in-house counsel admitted in WA — under the Legal Profession Uniform Law Australian Solicitors’ Conduct Rules 2015. The Law Council’s current ASCR review programme is also consulting on amendments responsive to the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) regime taking effect from 1 July 2026, which introduces suspicious matter reporting and tipping-off prohibitions that interact directly with how confidential client information moves through internal systems. For Perth in-house teams with resources exposure, offshore counterparties, or shared service centres across the eastern states, the routing question — which content can touch which compute path, and how that is logged — is no longer a hypothetical IT control. It is an ASCR compliance surface.

Sources

• Law Council of Australia — Australian Solicitors’ Conduct Rules: https://lawcouncil.au/policy-agenda/regulation-of-the-profession-and-ethics/australian-solicitors-conduct-rules

Exegesis capability references:

• Classified Data Gateway Orchestrator spec
• RuleCheck by Exegesis (open-source citation verifier)

Join the waitlist

Join the waitlist — be the first to know when the Classified Data Gateway Orchestrator opens for Perth in-house legal teams

The Classified Data Gateway Orchestrator is a T3 engagement — scoped to your matter taxonomy, entity structure, and existing document management estate. We’re sequencing early design partners across Perth in-house teams whose privilege exposure spans multiple concurrent matters. Join the waitlist and we’ll share scoping detail and engagement structure as access opens.

Schema