MPEP AI
Join waitlist

Legal

Privilege Policy

<!-- DRAFT-2026-06-10: Anthropic/Cyrus disclosure language in this file is pending attorney approval. P6 cutover checklist greps for this marker — it must be REMOVED (with approved wording) before production deploy. -->

Last Updated: May 12, 2026

Effective Date: May 12, 2026

1. Purpose and Scope

This Privilege Policy describes how MPEP AI ("MPEP AI," "we," "us," "our") handles materials that a User may, in connection with their professional practice, choose to submit to the Services and that the User regards as confidential, attorney work product, or otherwise subject to the attorney-client privilege. MPEP AI is independently owned and operated by Kasra Taghavi ("Owner") in his individual capacity and through Monki AI LLC, a Texas limited liability company of which Kasra Taghavi is the sole member, as described more fully in Terms of Use §3. It also describes the affirmations a User makes by submitting that material, the architectural safeguards we apply to it, and the limits of those safeguards.

This Privilege Policy is supplementary to, and incorporated by reference into, the Terms of Use and the Privacy Policy. Capitalized terms not defined here have the meanings given in Terms of Use §2. Where this Privilege Policy and the Terms of Use differ on a topic, the Terms of Use control.

This Privilege Policy describes safeguards. It is not, and shall not be construed as, a warranty that any particular communication or document submitted to the Services will be preserved as privileged, will retain its work-product protection, or will not be discoverable in litigation or another proceeding. Privilege is determined by the law of the jurisdiction in which it is invoked and the facts of the matter; nothing in this Policy can substitute for the professional judgment of a licensed attorney applying that law to those facts.

2. Definitions

In addition to the defined terms in the Terms of Use, the following terms have the meanings given below.

  • "Matter Content" means User Content that a User has organized within a matter workspace on the Services, including documents the User has uploaded into a matter and records that reference such documents (for example, derived excerpts, embeddings, summaries, drafts, and annotations).
  • "Vault Content" means User Content stored within the Services' secure-storage feature for files associated with a matter, regardless of whether the User has formally organized that file into a matter workspace.
  • "Privileged User Inputs" means free-text prompts, chat messages, and other inputs in which a User communicates Matter Content, Vault Content, client-identifying information, or other content the User regards as privileged or confidential, and that are submitted in a context routed through our privileged path (see Section 6).
  • "External Tools" means tools available within the Services that send data to providers outside our privileged routing path — for example, public web search, public patent-corpus search, or public scholarly-search providers.
  • "Privileged Path" means the routing configuration described in Section 6 that handles Matter Content, Vault Content, and Privileged User Inputs.

The Services do not provide legal advice and do not create an attorney-client relationship with any User. The full disclaimer is set out in Terms of Use §6 and applies to every feature of the Services, including the matter workspace, vault, research assistant, and research orchestrator. This Privilege Policy addresses how we handle material a User has independently determined to be subject to a privilege or duty of confidentiality the User owes to a client; it does not create such a duty on our part, and it does not transform any User into a client of MPEP AI.

4. User Affirmations

By submitting Matter Content, Vault Content, or Privileged User Inputs to the Services, you affirm that each of the following is true at the time of submission and will remain true for the duration the material is processed and stored:

4.1 License or authority to handle the material. You are a licensed attorney, a registered patent agent, or another professional or paraprofessional acting under the supervision and authority of a licensed attorney, and you are permitted under the rules of the relevant bar (and under your employment, partnership, or engagement) to handle the material you are submitting.

4.2 Client consent. You have obtained any client consent or informed-consent disclosure required under the rules of your bar before transmitting privileged or confidential client information to a generative-AI tool of this kind. Without limiting the foregoing, you have considered the guidance of the American Bar Association (including ABA Model Rule 1.6 on confidentiality and ABA Formal Opinion 512 (July 2024) on generative AI tools and client confidences) and, if applicable, the rules of any state bar by which you are licensed, including (for licensees in Texas) Texas Disciplinary Rules of Professional Conduct 1.05 (confidentiality of information) and 5.03 (responsibilities regarding non-lawyer assistants, applied by analogy to AI tools that perform tasks under attorney supervision).

4.3 Technological-competence judgment. Consistent with the duty of technological competence reflected in Comment 8 to ABA Model Rule 1.1 and parallel guidance from state bars, including (where applicable) the State Bar of Texas Committee on Professional Ethics' guidance regarding cloud computing and confidentiality, you have made an independent assessment that the use of the Services is reasonable for the matter at hand, taking into account the sensitivity of the material, the available safeguards described in this Policy, the risk of inadvertent disclosure, and the alternatives available to you.

4.4 Sole responsibility for waiver risk. You retain sole responsibility for evaluating whether the transmission of any particular communication or document to the Services may waive a privilege or a work-product protection. You agree that MPEP AI is not your agent for purposes of privilege analysis and that this Policy does not constitute a representation that any particular submission preserves privilege.

4.5 No prohibited content. You will not submit material whose submission would itself violate applicable law (for example, classified information, regulated personal data of categories you are prohibited from disclosing, or content embargoed under a court order).

4.6 Common-interest arrangements. If multiple members of a firm or co-counsel team use the Services in connection with a single matter, you have determined whether a common-interest arrangement applies and, if it does, that the use of a shared workspace is consistent with the terms of that arrangement.

5. Important Limits

Notwithstanding the safeguards described below:

5.1 No warranty of privilege preservation. MPEP AI does not warrant that any communication, document, or derived artifact created or transmitted through the Services will be treated as privileged or as work product by any court, agency, arbitrator, or other tribunal. The fact that the Services are designed to handle Matter Content with care does not itself create or preserve a privilege.

5.2 No professional standard of care. MPEP AI is not your lawyer, is not engaged as your agent for the practice of law, and does not owe you a professional duty of care or a fiduciary duty. The duty of competence under ABA Model Rule 1.1 and the duty of confidentiality under ABA Model Rule 1.6 remain with you.

5.3 Service is in Beta. Per Terms of Use §5, the Services are offered in a Beta Period at no cost. Beta Services may contain bugs or incomplete features. You should consider Beta status when deciding whether the Services are appropriate for a given matter.

6. Privileged-Content Routing

Matter Content, Vault Content, and Privileged User Inputs are routed through a privileged path designed to keep the underlying material within an enterprise generative-AI configuration:

  • The privileged path uses an enterprise route to the generative-AI providers identified in Terms of Use §13, under a service-account configuration that disables retention of customer prompts and responses for foundation-model training. The privileged path cannot be downgraded by the application to a consumer-facing or non-enterprise route.
  • The Services include non-privileged paths used solely for engineering, evaluation, and quality-control workloads. Matter Content, Vault Content, and Privileged User Inputs are not eligible for those paths.
  • Where the Services use additional AI providers for selected workflows, the same principle applies: privileged workloads use the enterprise route the relevant provider offers, configured to disable retention for foundation-model training.
  • Agentic tasks run in a per-task, session-scoped workspace hosted by the AI infrastructure provider identified in Terms of Use §13. Matter Content you attach to a task is mounted only into that task's workspace, is not shared across tasks or users, and the workspace is archived when the task reaches a terminal state. Task workspaces run with general web access disabled, so task content cannot be transmitted to arbitrary external destinations by the agent.
  • The in-app Support assistant, which answers questions about how to use the Services, sends the text of your Support questions and the assistant's answers to the generative-AI provider identified in Terms of Use §13 through the same enterprise route, configured to disable retention for foundation-model training, and the application cannot downgrade it to a consumer route. The Support assistant is advisory and does not require you to submit Matter Content; any text you choose to include in a Support question is handled on this privileged path, and the Services do not log the body of your Support questions or the assistant's answers (metadata such as sizes and counts only).

The categories of recipients with which we share data, and the categories of data each category receives, are described in Privacy Policy §7.

7. Per-User Data Segregation

Matter Content, Vault Content, and the records derived from them are partitioned per user at the application layer. Before a tool reads or writes data associated with a matter, the Services confirm that the requesting user is the owner of the relevant matter and that the matter has not been deleted. Object-storage paths associated with a matter are validated against the requesting user's identifier; requests that reference a path not belonging to the requesting user are rejected without distinguishing between "does not exist" and "exists but is not yours," so that the response does not disclose the existence of another user's matter.

For firms whose individual members each maintain their own account, the segregation is per individual account; a shared firm view is not implicit and would require an explicit firm or organization configuration. Members of the same firm who wish to share visibility of a matter should do so through the formal sharing mechanism the Services provide, if and when available.

8. Audit Logging

The Services maintain an audit log that records each tool invocation performed by the AI assistant on a User's behalf. Each log entry captures the tool name, the parameters supplied to the tool, the size of the response, the latency, any error code, and the request identifier under which the call was made. The audit log is used to enable the User to understand what the assistant did during a given session, to support diagnostic and quality-assurance workflows, and to provide an audit trail consistent with the duty of technological competence under ABA Model Rule 1.1, Comment 8.

The audit log is per-user data and is subject to the access and deletion controls described in the Privacy Policy.

9. Encryption and Transport Security

Data transmitted between your browser or device and the Services is protected by industry-standard transport-layer security. Data at rest is encrypted using the default mechanisms provided by our cloud and storage providers. Specific cryptographic algorithm versions, key lengths, and management procedures are not described in this Policy because the disclosure of those details does not benefit Users and may provide unhelpful information to bad actors.

10. External-Tool Gating

Several research tools available through the Services connect to providers outside the privileged path — for example, public web search and public patent-corpus search. These tools are gated behind an opt-in toggle. When the toggle is off, the AI assistant cannot invoke an external tool and will, where applicable, indicate that an external lookup was not performed. When the toggle is on, the AI assistant may invoke an external tool to fulfill a research request, and the relevant query text will be transmitted to the external provider as described in Privacy Policy §7. You should consider whether enabling external tools is appropriate for a given matter; in some matters, transmitting a precisely worded query to a public search provider may itself be inadvisable.

11. Work Product

The work-product doctrine, codified for federal civil cases at Federal Rule of Civil Procedure 26(b)(3) and recognized in foundational case law, including Hickman v. Taylor, 329 U.S. 495 (1947), protects materials prepared in anticipation of litigation or for trial. Whether a particular artifact created through the Services qualifies as work product depends on the purpose for which it was prepared, the involvement of the lawyer's mental impressions, conclusions, opinions, or legal theories, and the standards applied by the tribunal in which the question arises. MPEP AI does not warrant that any output produced by the Services will be deemed work product. Users are responsible for determining the work-product status of materials they create.

12. Common-Interest Doctrine

Where multiple attorneys, paralegals, or co-counsel use the Services in connection with a single matter under a common-interest arrangement, the privilege analysis depends on the law of the jurisdiction in which the arrangement is invoked and on the existence and terms of the arrangement itself. Use of the Services does not, by itself, establish a common-interest arrangement, and the Services do not adjudicate whether such an arrangement exists. Users should document common-interest arrangements separately and ensure that all participants' use of the Services is consistent with the arrangement.

13. Confidentiality Under State Rules

Users licensed in Texas should also consider their obligations under Texas Disciplinary Rule of Professional Conduct 1.05 (governing confidentiality of client information) and Rule 5.03 (governing responsibilities for the conduct of non-lawyer assistants, applied by analogy to AI tools that act on the attorney's behalf), as well as any applicable guidance issued by the State Bar of Texas Committee on Professional Ethics concerning cloud-based tools and generative AI. Users licensed in other jurisdictions should consult the parallel rules and guidance of the bars by which they are licensed.

14. Retention and Deletion

Matter Content, Vault Content, and conversation history are retained until the User deletes them or deletes their account, subject to the brief recovery window described in Privacy Policy §14. Soft-deleted records (records placed in a trash state) are recoverable for a short retention period and are then permanently removed. Audit-log records are retained as described in the Privacy Policy.

If you reasonably believe that material you submitted to the Services should be expunged for reasons related to privilege, confidentiality, or an inadvertent disclosure, submit a request through the contact form on mpepai.com identifying the material at issue. We will act on bona fide privilege-related deletion requests promptly.

15. Incident Response

If MPEP AI becomes aware of a security incident that affects Matter Content, Vault Content, or Privileged User Inputs and that meets the thresholds of applicable law for notification, we will notify the affected Users and the relevant authorities within the timeframes those laws require. Because the Services are not your lawyer and do not represent your clients, an incident notification from MPEP AI does not satisfy any obligation you may have to your own clients under the rules of your bar; you are responsible for evaluating and discharging those obligations.

16. Subpoenas and Compelled Disclosure

If MPEP AI receives a subpoena, court order, or other compelled-disclosure request that seeks Matter Content, Vault Content, Privileged User Inputs, or related records, we will, to the extent permitted by law, notify the affected User before responding so that the User has an opportunity to seek a protective order or to assert any applicable privilege on the User's own behalf or on behalf of the User's client. The receipt of compelled process by MPEP AI does not, by itself, waive any privilege or protection; the User remains responsible for asserting privilege in the appropriate forum.

17. Cross-References

This Privilege Policy should be read together with:

To the extent any cross-reference creates an apparent inconsistency, the Terms of Use control, then the Privacy Policy, then this Privilege Policy.

18. Changes to This Policy

We may update this Privilege Policy from time to time. Material changes will be reflected by updating the "Last Updated" date at the top of this Policy and, where the change is significant, by posting a notice through the Services. Continued use of the Services after the effective date of an updated Privilege Policy constitutes acceptance of the updated Policy.

19. Contact

Questions about this Privilege Policy, including questions about how a particular feature handles Matter Content, should be submitted through the contact form on mpepai.com. We do not provide a support email address, postal address, or telephone number.