Survey: 59% of UK legal professionals using unauthorised AI
TL;DR:
- A survey of 200 UK legal professionals by Censuswide for legal-software company Access Legal finds 59% admit to using unapproved AI applications — including the free version of ChatGPT — for client work.
- Use is highest among paralegals (71%) and solicitors (57%), with 68% of firm leaders simultaneously claiming “full visibility” and “zero risk” of unapproved AI use within their firms.
- The data lands months after the Upper Tribunal’s Munir decision confirmed that open-AI use permanently waives legal professional privilege and breaches client confidentiality.
The survey exposes a structural shadow-AI problem at the heart of UK legal practice. Just as the Upper Tribunal has ruled — in Munir v Secretary of State for the Home Department [2026] UKUT 81 (IAC) — that using open-AI tools like public ChatGPT permanently waives legal professional privilege, fee earners are using them anyway, and firm leaders are not seeing it.
The Munir judgment did not block AI use in legal practice. It drew a clear distinction between open-source public tools (where queries are submitted to a public-facing model whose training and data-handling are outside the firm’s control) and closed enterprise-grade environments (where data stays within the firm). The current Access Legal data suggests UK firms have failed to internalise that distinction at the practitioner level.
A leader-visibility gap with regulatory consequences
The survey separately polled 100 UK-based legal leaders — managing directors and practice managers aged 30 and over. 68% said they had full visibility of AI use at their firm and believed they face “zero risk” of unapproved AI use. That number is impossible to reconcile with the 59% of fee earners admitting to unauthorised use.
Under the SRA Code of Conduct, firm leaders have a direct duty to supervise. A leader who believes their firm has zero exposure while fee earners are actively using tools the Tribunal has now ruled waive privilege is, on Access Legal’s reading, in breach of that duty. The Tribunal was explicit that conduct of this kind warrants referral to the SRA and reporting to the Information Commissioner’s Office.
The tooling-gap explanation is partially supported. Half of fee earners said they want AI built into their case management system, but only 25% of respondent firms currently have that feature in place — driving practitioners to public alternatives. “Following Munir, the consequences of reaching for the wrong tool are no longer theoretical, they are regulatory, permanent, and well-documented,” said Andrew Stevens, Access Legal’s general manager.
Looking forward
The data sets up a near-certain wave of SRA referrals and ICO reports as firms catch up to the Munir reasoning. For UK law-firm leaders, the operational response is now clearly two-pronged: deploy approved, secure AI tooling at sufficient quality to compete with public alternatives, and implement supervision that genuinely tests whether unauthorised use is happening rather than relying on self-reporting. The data also strengthens the case for legal-tech vendors building approved, audit-friendly AI workflows that integrate with case management systems — a market segment where UK suppliers (LexisNexis, iManage, Litera, plus newer entrants) are now competing for the gap the Access Legal survey exposes. Family courts and criminal practice — where confidentiality stakes are highest — will be the first areas where regulatory enforcement is likely to land.