By Francis Yoon

The Ultimate Act of Discretion

The process of drafting a patent application is the ultimate act of discretion. Before an invention is filed, its core design, methodology, and advantages are protected as confidential trade secret information. Today, a powerful new tool promises to revolutionize this process: generative AI and LLMs. These models can instantly transform complex invention disclosures into structured patent claims, saving countless hours. However, when legal professionals feed highly sensitive information into public LLMs like ChatGPT or Gemini, they unwittingly expose their clients’ most valuable intellectual property (IP) to an unprecedented security risk. This convenience can create a massive, invisible information leak, turning a law firm’s desktop into a prime data source for the very AI models they rely on.

The Black Box: How Confidentiality is Broken

The core danger lies in how these AI systems learn and the resulting threat to patent novelty governed under 35 U.S.C. § 102(b), which mandates that an invention be new and not previously known or publicly disclosed. When a user submits text to a public LLM, that input often becomes part of the model’s training data or is used to improve its services. Confidential patent information fed into the model for drafting assistance may be logged, analyzed, and integrated into the model’s knowledge base. This risk is formalized in the provider’s terms of service.

While enterprise-level accounts offered by companies like OpenAI or Google typically promise not to use customer input for training by default, free or standard professional tiers usually lack this guarantee unless users proactively opt out. If a lawyer uses a personal subscription to draft a patent claim, they may inadvertently transmit client’s IP directly to a third-party server, violating their professional duty of care and duty of confidentiality, while also potentially exposing their firm to a professional malpractice claim. This conflict establishes the central legal issue: the reliance on public AI creates a massive “Black Box” problem. The invention is disclosed to an opaque system whose ultimate use of that data is neither verifiable nor auditable by the user.

The Novelty Risk: AI as Inadvertent Prior Art

Beyond breaching confidentiality, this practice also fundamentally endangers patentability by jeopardizing the invention’s novelty. Novelty is a fundamental requirement for patentability, which is the legal status an invention must achieve to receive patent protection. The most critical risk is inadvertent public disclosure, which creates prior art—any evidence that an invention is already known or publicly available—and thus invalidates the patent. Once an invention’s confidential details are used to train a widely accessible public model, it may no longer be considered “new” or “secret.” This action could be interpreted as a public disclosure—the invention’s core teaching has been shared with a third party (the AI system) under terms that do not guarantee perpetual confidentiality. This could destroy the invention’s noveltyand the potential for trade secret protection. Furthermore, generative AI can be prompted to generate vast amounts of plausible technical variations based on a limited technical disclosure. If these AI-generated outputs are published, they can become valid prior art. A human inventor’s subsequent application may be rejected because the AI has, in theory, already publicly disclosed a similar concept, rendering the human’s invention unpatentable as non-novel or obvious.

The Legal Hot Potato: IP vs. Contract

When confidentiality is breached through a public AI model, recovering the invention is extremely difficult. If a client’s trade secret is exposed, the client loses the protection entirely, as the secret is no longer “not generally known.” Suing the LLM provider for trade secret misappropriation requires proving that the provider improperly acquired the secret and used it against the owner’s interests. This is challenging because the provider’s legal team can argue the input was authorized under the contractual terms accepted by the user. The attorney who entered the prompt is typically held liable for the breach of confidence. However, the firm has no clear recourse against the LLM provider, as the provider’s liability is severely limited by contract. Often, these liability-limiting clauses cap damages at a minimal amount or specifically disclaim liability for consequential damages, like intellectual property loss. The fragmentation of this liability leaves the inventor exposed while the AI company is shielded by its own terms.

To combat this systemic problem, legal scholars have advocated for imposing a duty of loyalty on tech companies, forcing them to legally prioritize user confidentiality above their own financial interests. This echoes the mandates found in modern privacy law, such as the California Consumer Privacy Act’s rules on the consumers’ right to access information about automated decision-making technology.

Mitigating the Risk: A Confidentiality and Novelty Checklist

Legal teams should adopt a “trust-nothing” protocol to utilize generative AI responsibly. They should implement clear guidelines prohibiting the use of public LLMs for generating, summarizing, or analyzing any client or company information that qualifies as prior art or a trade secret.

Crucially, professionals should never submit a confidential invention disclosure to an AI system before filing a formal provisional patent application with the relevant patent office. A provisional patent application allows inventors to establish an official priority date without submitting a formal patent claim, protecting the invention’s novelty before any exposure to external AI infrastructure.

To safely leverage AI internally, firms should invest in closed AI systems; these systems should be proprietary or securely containerized environments where data transfer and training are fully isolated and auditable. Furthermore, to ensure confidentiality, these systems should utilize edge computing, where processing is done directly on the local device, and federated learning, a method that trains the model using data across many decentralized devices without moving the raw data itself (the original, unprocessed data). This approach keeps the raw technical details strictly within the corporate firewall, preventing the inadvertent creation of prior art.

For necessary exploratory research using public models, firms should implement strict data anonymization and generalization processes. This involves removing or replacing all names, key dates, values, and novel terminologies before submission—a technique directly related to tokenization, the process by which AI models break down and interpret text.

Finally, firms should mandate rigorous review of contractual best practices for AI vendors to ensure indemnification and written guarantees that input data will not be used for training purposes. Indemnification is crucial; it requires the AI vendor to compensate the law firm or client for any loss or damage incurred if the vendor’s technology (or its failure to secure the data) results in a breach of confidence or patent invalidation. Firms should demand explicit clauses confirming that input data will not be logged, retained, or used for model training, and defining vendor liability that extends beyond simple fee refunds to cover the substantial financial harm caused by the loss of IP rights.

Conclusion

The promise of AI to expedite the patent drafting pipeline is undeniable, but the current ethical landscape presents a fundamental challenge to the confidentiality required to preserve patentability. Until legal frameworks universally impose a duty of loyalty on AI providers, the responsibility falls squarely on the professional to protect the client’s IP. The future of intellectual property requires vigilance: innovation should be accelerated by AI, but never disclosed by it.

IP-Security #Patent-Risk #AICrisis