AI and IT guidance
- Download Considerations when using ChatGPT and Generative AI Software based on large language models from the Bar Council's Ethics & Practice hub.
The guidance sets out the key risks with large language model systems (LLMs): anthropomorphism; hallucinations; information disorder; bias in data training; and mistakes and confidential data training.
- Due to possible hallucinations and biases, it is important for barristers to verify the output of LLM software and maintain proper procedures for checking generative outputs.
- ‘Black box syndrome’ – LLMs should not be a substitute for the exercise of professional judgment, quality legal analysis and the expertise that clients, courts and society expect from barristers.
- Barristers should be extremely vigilant not to share with an LLM system any legally privileged or confidential information.
- Barristers should critically assess whether content generated by LLMs might violate intellectual property rights and be careful not to use words which may breach trademarks.
- It is important to keep abreast of relevant Civil Procedure Rules, which in the future may implement rules/practice directions on the use of LLMs, for example, requiring parties to disclose when they have used generative AI in the preparation of materials, as has been adopted by the Court of the King’s Bench in Manitoba.
- Ethics & Practice Hub: see the full IT guidance archive
The Bar Council is highly involved in how IT and new technology impacts the life of the Bar, and:
- provides advice to the Bar in relation to data protection and information security
- among other things, acts on legal policy related to IT, or with an IT aspect, to ensure that the Bar’s recommendations and concerns are heard by government
The issues we work on:
- Monitoring and being actively involved in IT developments and their implications for the legal services market and the practising Bar
- Providing advice to the Bar on IT matters
- Leading on relevant consultation responses relating to: digital infrastructure; digitisation of existing processes; IT and court reform; artificial intelligence and new and developing technologies
The Information Commissioner's Office (ICO) has approved a certification scheme aimed at legal service providers who process personal data. Find out more about the Legal Services Operational Privacy Certification Scheme (LOCS).
- Assess your GDPR compliance with the Information Commissioner's Office (ICO)'s 'Data protection self assessment' checklists
The Bar Council's IT Panel's articles on GDPR provides bitesize chapters on GDPR to assist barristers and chambers in understanding their professional obligations under the data protection rules.
These articles, as updated for the Data Protection Act 2018 (and all written by the IT Panel), are also published in BarTalk, the Bar Council's fortnightly e-newsletter.
Read the Bar Council's IT Panel's articles
All in PDF format.
- Introduction: The latest play in the data protection series
- Chapter One: The players on the data protection stage.
- Chapter Two: The roles of each principal member of the cast
- Chapter Three: The role of Data Controller continued
- Chapter Four: IT Panel Blog - The Data Controller - principles cont
- Chapter Five: The Data Subject
- Chapter Six: The Data Processor
- Chapter Seven: What happens when it all goes wrong? - The Melodrama Part 1
- Chapter Eight: What happens when it all goes wrong? - the Melodrama Part 2
- Chapter Nine: International Transfers of Data
- Chapter 10: Epilogue
- Read NCSC's 10 steps to cyber security
- Use the cyber security questionnaire, created by the Bar Council and the Law Society, to ensure your chambers has taken all possible care in protecting its data
- Test your organisation's response to a cyber attack with NCSC's Exercise in a Box tool
- Read the National Institure of Science and Technology (NIST) Cybersecurity Framework to outline your organisation's best practices, or as strategic planning tool for risk assessment
NCSC guidance for small-to medium enterprise (SME) owners
You can protect the personal information you hold by using the resources National Cyber Security Centre (NCSC) have created. SMEs can take these 2 simple steps to help protect themselves from a variety of cyber threats:
- Get a free Cyber Action Plan. Answer a few simple questions, and in less than five minutes, a tailored list of actions will be served to help you to protect your organisation.
- Use the quick, easy and free Check Your Cyber Security tool, which scans internet-connected devices for common vulnerabilities to ransomware and other viruses. It provides advice on how to mitigate any risks, and lets you know if your browser is up-to-date.
Read the NCSC's Small Business Guide: Cyber Security guidance
- Counsel magazine: read articles by Sam Thomas from the Bar Council's IT Panel
- Bar Council blog: 'Enhancing online security using Multi Factor Authentication (MFA)' by Julian Borthwick, member of the Bar Council's IT panel
Report: 'The cyber threat to UK legal sector' (2023)' , which explains how UK law firms - of all sizes - can protect themselves from common cyber threats.