Skip to main content
    Sonomos for Legal

    Protect Privileged Information Before It Leaves the Browser

    Attorneys using AI tools risk inadvertent privilege waiver every time client data hits a third-party server. Sonomos detects and blocks privileged material locally, before transmission, so nothing leaves your browser without your knowledge.

    Start Protecting Client Data

    What Sonomos Detects

    Sensitive data patterns relevant to legal that Sonomos identifies in real time.

    Case Numbers & Docket Identifiers

    Patterns consistent with federal and state court case numbering formats. Contextual matching with proximity to litigation-related keywords.

    Contextual pattern matching

    Client Names & Matter Identifiers

    Named entity recognition identifies person names, organization names, and location data that may appear in legal communications. Matter numbers are detected via contextual proximity to legal keywords.

    NER + contextual matching

    Witness & Party Identifiers

    Names and identifying information appearing in proximity to deposition, testimony, witness, or party-related keywords.

    Contextual pattern matching

    Privileged Communication Markers

    Detection of patterns associated with attorney-client communications, including privilege headers, confidentiality notices, and work-product references.

    Contextual pattern matching

    Government-Issued Identifiers (SSNs, EINs)

    Social Security Numbers and Employer Identification Numbers with structural validation (checksum and digit-format verification).

    Structural validation

    Financial Account Data

    Credit card numbers (Luhn-validated), bank account and routing numbers detected in proximity to financial keywords.

    Structural + contextual matching

    Sonomos excludes public-record legal identifiers (patent numbers, trademark registration numbers) from privilege-related signals. Only data types associated with litigation, case management, and witness identification trigger attorney-client privilege relevance.

    See legal protection in action

    Regulatory Relevance

    Sonomos identifies pattern matches, not compliance status. The following frameworks may be relevant when detected data types are transmitted unprotected.

    Attorney-Client Privilege

    When legal identifiers associated with litigation, case management, or witness identification are transmitted unprotected to an AI tool, Sonomos flags a potential privilege relevance signal. Voluntary submission of privileged material to a generative AI service may constitute waiver. See United States v. Heppner (No. 3:23-cr-00044, W.D. Va. 2024).

    CCPA

    When personal or government-issued identifiers (SSNs, names, addresses) are transmitted to a third-party AI tool, Sonomos flags a CCPA relevance signal.

    Signal requirements: A relevance signal requires that (1) data in a specific category was flagged, (2) that data was transmitted unprotected, and (3) the destination matches a relevant classification. Blocked or remediated transmissions do not trigger signals.

    Sonomos does not determine whether any privilege has been waived, whether any regulation has been violated, or whether any data constitutes protected information under applicable law. Sonomos identifies pattern matches. Legal analysis requires legal counsel.

    How It Works

    Detect

    Sonomos scans page content locally for case numbers, client names, witness identifiers, and privileged markers. No data leaves your browser during detection.

    Alert

    Flagged content is highlighted with a traffic-light overlay directly on the page. Red indicates high-confidence structural matches. Yellow indicates contextual matches requiring review.

    Block or Mask

    If the data appears in an outbound request (to an AI chatbot, form submission, or API call), Sonomos can intercept and mask it before transmission, or block the request entirely.

    Report

    All events are logged locally to your dashboard. Export PDF reports for client files, compliance documentation, or malpractice insurance records.

    Get early access to Desktop

    Why Local-Only Matters for Legal

    Attorney-client privilege can be waived by voluntary disclosure to a third party. If your privacy tool sends client data to its own servers for analysis, it becomes another third party in the chain. Sonomos processes everything locally in your browser. Detection data never leaves your machine. There is no server-side processing, no cloud storage of flagged content, and no new disclosure risk.

    Your clients trust you with their most sensitive information. Keep it that way.

    Get Sonomos for Your Practice

    See also

    HealthcareFinancial ServicesTechnologyIndividuals

    Related concepts

    Prompt leakageWhat is PII?Data maskingTokenizationContextual matching

    Comparing approaches? See how Sonomos sits next to cloud DLP, enterprise privacy platforms, and other options.