In-house legal teams are under pressure to do more with less, and AI is increasingly part of that conversation. But knowing where to start, and how to do it responsibly, is a different challenge altogether.
Troy Lieberman is a Nixon Peabody technology attorney with five years of experience as in-house counsel at an AI-driven marketing platform. In a recent discussion with Nixon Peabody attorney Tiana Walters, Lieberman covered the practical landscape for in-house teams looking to integrate AI into their operations, from early experimentation to more substantive legal applications.
Below are some of the key topics they addressed.
Getting started takes more investment than most teams expect.
- AI adoption in legal is an iterative process requiring meaningful upfront investment in experimentation, prompt refinement, and workflow design before consistent returns emerge.
- Starting with lower-risk operational tasks is a reasonable entry point, but sustainable adoption requires a clear framework for what to prioritize, how to evaluate tools, and when to expand scope.
- Building the right foundation early, through appropriate vendor agreements, internal policies, and communication, is essential for AI usage to scale.
Substantive legal work is where the stakes get higher.
- When AI moves beyond operational tasks into legal work product, the margin for error narrows, and the need for proper oversight, sound judgment, and well-designed guardrails increases considerably.
- Output quality depends heavily on how the tool is trained and what it is given to work with; a general model without proper context rarely produces work product that saves time.
- Human oversight remains essential. Determining where and how that oversight fits into the workflow is a legal judgment call, not a technological one.
Data privacy, as well as customer and vendor agreements, require careful attention.
- Before sensitive data enters any AI tool, legal teams need to understand the terms of the underlying license agreement, whether client contracts restrict AI use, and whether any specific rules would apply to potentially uploaded data.
- Consider whether vendor agreement terms need to incorporate training requirements and data use limitations.
- The right protections need to be in place before the workflow is built, not after.
AI use policies and governance don't write themselves.
- Every organization needs an AI use policy that reflects how the business operates, specific enough to be meaningful and practical enough to follow.
- Getting there requires understanding how AI is being used across the organization, including unauthorized or informal use that may already be happening.
- Outside counsel with cross-industry visibility can help in-house teams identify gaps, ask the right questions, and build policies that are both applicable to the business and useful in addressing the underlying issues.
Keep legal meaningfully in the loop.
- As AI tools become more capable, business teams may push for direct access to AI-assisted contract workflows, raising real questions about oversight, risk management, and accountability.
- The right answer depends on the risk profile of the work, the protections in place, and whether legal retains meaningful visibility into the process.
- AI should support legal's oversight function, not create a path around it.
Whether your legal team is just beginning to explore AI or looking to build on early efforts, Nixon Peabody can help you navigate the legal, operational, and governance dimensions, including AI use policy development, vendor agreement review, and data privacy considerations. To continue the conversation, reach out to Troy Lieberman or Tiana Walters directly.
