Vol. III · No. 128 Independent LegalTech Analysis Wednesday, June 17, 2026

The Legal Stack

← Analysis Analysis · AI & Practice

When Legal AI Gets It Wrong: Who Is Liable, and What You Should Do Now

The marketing pitch for legal AI is irresistible: faster research, tighter drafts, fewer billable hours wasted on grunt work. But the malpractice exposure when these tools hallucinate a case, bury a deadline, or generate a defective contract clause is entirely your problem — not OpenAI's,...

Andy Armstrong
April 24, 2026 · 7 min read

The marketing pitch for legal AI is irresistible: faster research, tighter drafts, fewer billable hours wasted on grunt work. But the malpractice exposure when these tools hallucinate a case, bury a deadline, or generate a defective contract clause is entirely your problem — not OpenAI's, not Thomson Reuters', not Harvey's. Yours. Understanding exactly how that liability maps onto current bar guidance, and building a mitigation framework before something goes wrong, is no longer optional for any practitioner seriously considering AI adoption.

Scenario One: The Phantom Citation

In May 2023, attorneys Peter LoDuca and Steven Schwartz of Levidow, Levidow & Oberman cited Varghese v. China Southern Airlines in a federal court brief — a case that does not exist. ChatGPT invented it, complete with fabricated quotes and holding language. Judge P. Kevin Castel sanctioned the filing attorneys $5,000 and referred the matter for additional disciplinary review in Mata v. Avianca, Inc., No. 22-cv-1461 (S.D.N.Y. 2023). The case became a national cautionary tale, but its lesson is still being ignored.

The professional responsibility analysis here is straightforward and unforgiving. Model Rules 3.1 (meritorious claims), 3.3 (candor toward the tribunal), and 1.1 (competence) all attach simultaneously. The ABA's Formal Opinion 512, issued in July 2024, makes explicit what most practitioners already suspected: using generative AI does not create a new standard of care — it simply becomes part of the existing competence analysis. If a reasonably competent attorney would have verified a citation before filing, then failing to verify an AI-generated citation is a competence failure, full stop.

The liability analysis for phantom citations is therefore clean: the attorney is liable, the firm may be vicariously liable, and the AI vendor almost certainly is not. Vendor terms of service universally disclaim reliance on outputs for legal purposes. LexisNexis, Thomson Reuters, and Harvey all include language to this effect. You agreed to it when you signed up.

What this means practically: Every AI-generated citation must be verified against a primary source before it touches a filing. Not spot-checked. Every one.

Scenario Two: The Missed Deadline

This failure mode is subtler and, I would argue, more dangerous. Imagine a solo practitioner using an AI practice management assistant to track a statute of limitations in a products liability matter. The AI pulls the wrong limitations period — perhaps misreading a discovery rule or missing a recent statutory amendment — and the practitioner files 18 days late. The claim is barred.

This is a textbook malpractice scenario. The elements of negligence map cleanly: duty, breach (failure to independently verify a limitations period), causation, and damages. The AI vendor's liability, again, is essentially zero absent extraordinary circumstances. The contractual disclaimers are robust. A products liability case against a legal AI vendor would require proving that the tool was defective in a way that goes beyond ordinary inaccuracy — a very high bar when the vendor's terms explicitly tell you not to rely on the output without independent verification.

The trickier question is the malpractice insurer's position. Several carriers — including Chubb and ALPS — have begun adding AI-related endorsements and exclusions to their legal malpractice products. If your policy excludes losses arising from unverified AI outputs and you haven't read that language, you may have a coverage gap that doesn't reveal itself until the worst possible moment. Check your policy now.

Bar guidance in California (Provisional Opinion 2023-L-0001) and Florida (Ethics Opinion 24-1) both treat deadline management as a non-delegable professional responsibility. You can use AI to flag deadlines. You cannot use it as your sole docketing system without a verification layer.

Scenario Three: The Flawed Contract Clause

A transactional lawyer uses an AI drafting tool to generate an indemnification clause in a commercial lease. The AI produces language that looks sophisticated but fails to account for the client's jurisdiction's anti-indemnity statute — say, Texas Business & Commerce Code § 151.102, which voids certain indemnification provisions in construction contracts. The clause is unenforceable, the client loses indemnification coverage in a subsequent dispute, and damages are substantial.

Here the liability analysis gets more nuanced. Transactional malpractice requires proving that but for the defective work, the client would have been in a better position — a causation inquiry that often turns on what a properly drafted clause would have achieved. But the threshold question is straightforward: was the failure to identify a controlling statutory limitation a breach of the standard of care? Almost certainly yes.

This scenario also illustrates a training data problem that practitioners underestimate. Large language models are trained on data with cutoff dates, and they have no reliable mechanism for flagging that a statutory scheme they're drawing on may have been amended. They will produce confident, polished, wrong output. The polish is the danger.

The Liability Map in Summary

Under current bar guidance across every jurisdiction that has issued AI-specific ethics opinions — and as of April 2026, that includes California, Florida, New York, Virginia, and North Carolina, among others — the framework is consistent: AI is a tool, the attorney is the professional, and the professional responsibility and malpractice exposure attaches to the attorney exclusively absent extraordinary vendor conduct.

Your Risk Mitigation Checklist

  • Verify every citation independently. Use Westlaw, Lexis, or Google Scholar. No exceptions.
  • Treat AI deadline outputs as drafts, not records. Maintain a redundant, human-verified docketing system.
  • Read your malpractice policy for AI exclusions. Call your broker if you're uncertain.
  • Document your verification steps. If you're sanctioned or sued, showing your review process matters.
  • Know the statutory landscape in your practice area. AI cannot reliably tell you what it doesn't know about recent amendments.
  • Review vendor terms of service. Understand exactly what reliance protections, if any, exist.
  • Check your state's AI ethics guidance. The ABA's 2024 ethics compendium is a useful starting point.

The Bottom Line

Legal AI isn't going away, and the practitioners who learn to use it well will have a genuine competitive advantage. But the adoption conversation cannot stay perpetually focused on upside without reckoning honestly with exposure. The bar has been clear, the courts have been clear, and the vendors have been clear: when the AI gets it wrong inside your practice, you own the consequences. Build your verification infrastructure now, before a phantom case citation or a missed limitations period teaches you the hard way.

More Analysis