Rather than thinking of artificial intelligence as a magical box, we need to accept that it has now become an inseparable part of our lives, because it is truly an invisible partner that knows our decisions, our work, and even our relationships. But can we really protect privacy when we entrust so much information to such a powerful tool? Can we protect our data when we share it with a model that can scan millions of data in seconds? In this article, we will focus on how to protect privacy while using AI tools.

With the proliferation of AI tools, many lawyers have come to ask the question: "How will we protect attorney-client confidentiality by using AI tools?" It is an indisputable fact that the legal world approaches new technologies with caution. When you add a privacy problem to this, many lawyers tend to conclude "Then we shouldn't use AI tools at all." However, like any other technology such as email, cloud storage, or UYAP, artificial intelligence becomes a strategic advantage rather than a risk when used with proper methods. Therefore, the real question is not "should we use artificial intelligence?" but rather "how, within what limits, and to what extent should we safely use artificial intelligence?"

WHAT IS RISK, WHAT IS NOT?

Instead of seeing artificial intelligence, which has now become a tool of competition in itself, as a "natural danger," we need to understand the risks that may arise when artificial intelligence is not properly controlled. Artificial intelligence is not a threat in itself; rather, the real threat is when sensitive information belonging to a client is shared with an unreliable third party in the wrong format.

The International Association of Privacy Professionals (IAPP) emphasizes that risk arises not from the uselessness and danger of technology but from its misuse. Therefore, risk begins with the quality of information given to artificial intelligence. Regulatory bodies like the ABA (American Bar Association) and KVKK define artificial intelligence not as a "new threat that should be banned" but as a "new practice that should be managed within appropriate limits." Because risk is neither absolute nor inevitable; rather, it is measurable, reducible, and manageable. For example, with simple but powerful methods such as anonymization, purpose limitation, prompt design, and corporate access protocols, this risk can be reduced to nearly zero. Therefore, at this point, rather than questioning whether artificial intelligence is dangerous, we need to question how we will use it consciously. So how will we use this artificial intelligence consciously? In this context, we will first focus on the place of artificial intelligence in Turkish and European law, discuss prompt engineering, and finally address the safeguards within AI systems themselves and what should be considered when selecting systems.

THE PLACE OF ARTIFICIAL INTELLIGENCE IN TURKISH LAW

There is no legal legislation on artificial intelligence in Turkey. However, artificial intelligence legislation numbered E. 2/2234 is in the commission review stage in the Turkish Grand National Assembly, and it is envisioned that data protection principles will be integrated into this legislation. For example, in published regulatory drafts, "KVKK compliance for all artificial intelligence systems processing personal data" is being mandated, and special registration and audit conditions are being planned for high-risk applications. In this context, organizations may be required to identify and register high-risk AI projects for compliance with the new legislation, conduct regular risk assessments, and report to authorized bodies when necessary.

Additionally, the Personal Data Protection Law (KVKK) sets the framework for data security and privacy for all institutions in Turkey. Artificial intelligence applications are evaluated within the scope of KVKK in today's law; therefore, organizations must clearly state the purpose of processing personal data within the scope of KVKK, comply with the data minimization principle, conduct privacy impact assessments (DPIA) for high-risk projects, anonymize data, and prioritize employee privacy training and awareness.

Privacy Impact Assessment (DPIA): A system that assesses the potential impact of processed data on individuals' rights and freedoms and is aimed at reducing risk.

Data Minimization and Anonymization: Processed data should be limited only to what is necessary, and if possible, data should be anonymized before use.

Employee Training and Awareness: Through in-house training, staff should be educated about KVKK obligations and AI use, and a data protection culture should be developed.

However, it is strongly discussed in international privacy doctrine that anonymization alone is not a "miracle" and the risk of re-identification through contextual information can persist. Therefore, reliance should not be placed solely on anonymization; attention should also be paid to other measures.

Chief among these are:

Pseudonymization/Masking: Directly identifying data (name, ID number, license plate, etc.) should be replaced with another identifier that cannot be associated with the real person (hash value, token, etc.). The person can still theoretically be identified, but without access to an additional key, they become unidentifiable. Therefore, masking is not complete anonymization but is reversible in nature.

Access Control: A tiered access mechanism based on authorization levels to prevent everyone from accessing data.

Purpose Limitation: A fundamental principle of KVKK and GDPR (General Data Protection Regulation). Data can only be processed for a specific, explicit, and legitimate purpose and cannot be transferred beyond that purpose.

THE PLACE OF ARTIFICIAL INTELLIGENCE IN EUROPEAN LAW

There is currently no artificial intelligence legislation in force in European Union law. However, as in Turkey, a first and comprehensive regulation on this is being designed by the European Commission. The EU AI Act, which is planned to establish a framework as important as GDPR not only in terms of security and transparency but also in terms of privacy and data protection, will impose very strict preconditions for processing personal data, especially for high-risk artificial intelligence systems (such as credit scoring, recruitment systems, biometric recognition, health applications).

The most comprehensive and new regulations that the EU AI Act is planned to introduce are imposing "privacy by design" obligations on developers and special bans and restrictions on systems that process biometric data or can monitor individuals.

GDPR (General Data Protection Regulation), the EU's most comprehensive and strict regulation on the protection of personal data. Effective since 2018, GDPR applies both to all European companies processing the data of EU citizens and to companies outside the EU when dealing with EU residents.

The purpose of GDPR is to strengthen individuals' control over their personal data and to require companies to manage how they collect, process, and store this data in a more transparent, secure, and limited manner. In this context, it grants individuals strong rights such as the right to access data, the right to have data deleted ("right to be forgotten"), and data portability rights. Organizations, on the other hand, must comply with principles such as obtaining consent based on explicit and free will to process data, data minimization, purpose limitation, and secure storage. Non-compliance with GDPR rules results in heavy fines for companies of up to 4% of their turnover.

SAFE USE OF ARTIFICIAL INTELLIGENCE THROUGH PROMPT ENGINEERING

Prompt engineering is the process of designing correct commands (prompts) to obtain the best results from artificial intelligence and LLM (large language models) systems. Prompt engineering approaches are important for getting correct and safe results from artificial intelligence. An effective prompt can clearly explain what the model should do. Prompt engineering is important not only for getting better results but also because it has the power to determine what information will be disclosed to artificial intelligence and what will remain confidential, making it directly part of the privacy protection strategy.

The International Association of Privacy Professionals (IAPP) calls prompts designed in this way "ethical prompt design." That is, instead of providing data to artificial intelligence, defining roles and purposes by representing context reduces both privacy risk and produces much more consistent results. Therefore, prompt engineering is no longer just a technical skill but has become a new extension of professional ethics for lawyers.

SYSTEMIC SAFEGUARDS

Many artificial intelligence tools today process data given to them, learn from this data, and improve their systems. Public artificial intelligence tools like ChatGPT and Gemini do not provide a reliable environment for keeping confidential data safe because they continue to process data shared with them for the purpose of using it in the model's learning and include it in the learning cycle. Despite this, there are some systems that have emerged to mitigate the risks of AI use and are used by different companies. The most important of these are:

Sensitivity Labels and Data Protection: Sensitivity labels, one of the most fundamental layers in protecting organizational data, are a system that classifies data at the file level and applies automatic protection. The system both clearly shows the label to the user in applications like Word, Excel, PowerPoint, Outlook, Teams and applies technical measures like encryption and access rights in the background. AI models respect these labels and can only return data that the user already has access rights to. If EXTRACT permission is not granted, content cannot be summarized; only a reference link can be provided.

Data Loss Prevention (DLP): DLP is an automated security framework that prevents sensitive data from accidentally or intentionally leaving the company. When a user tries to send credit card, patient, or confidential business document data to third-party AI sites, the system automatically kicks in: it can warn the user, completely block the operation, or ask the user for a "justification" explaining the reason for the operation. This policy analyzes not just content but also behavioral context; for example, a "data paste" attempt at 3:00 AM from an unknown device could be considered much riskier.

In fact, DLP is in a much more advanced position in the Microsoft 365 ecosystem. The system does not just do blocking at the browser level; it also completely prevents Copilot from summarizing files with a certain sensitivity level but allows it to show the link, making "smart" decisions like this. Thus, when AI is used, data processing does not stop entirely but is directed in a controlled manner.

Insider Risk Management (IRM): IRM is a system that analyzes potential risky behaviors that internal users could perform with AI tools (such as trying to access a protected document with different roles, systematic data collection tendencies) using machine learning. This system examines not just the event but the context of the behavior. For example, if a departing employee starts accessing data unusually after giving notice or suddenly accesses many protected documents outside of work hours, the system catches these signals. The system automatically detects all these signals at such an early stage that humans cannot see them.

Data Classification: Data Classification is an intelligence layer that automatically classifies data by looking not just at "file name" or "label" but at the content itself. The system can instantly recognize data such as ID numbers, card numbers, project code names, confidential contract text, whether the user types it in Word or sends it as a prompt to an AI tool. These systems generally work with standard sensitive data definitions (Sensitive Info Types) but can also capture special data types with "trainable classifier" models that learn from the organization's own documents if desired.

Compliance & Audit: A system that records which internal processes and AI operations are performed, by whom, when, and for what purpose. These records not only record the commands given to artificial intelligence but also record referenced files, storing what sensitivity label the file has and which account it was done through. This data can be used in compliance audits (KVKK or GDPR audits) and also serves as evidence in the investigation of a possible violation.

Systems using the Microsoft 365 ecosystem in particular automatically protect AI processes with in-house data protection mechanisms such as sensitivity labels, DLP, IRM, data classification, and audit. These mechanisms not only prevent data from leaving but also guarantee encryption of content sent to AI based on its label, prohibition of even summarization when necessary, and ensure that only users with access rights can view it.

However, since general internet-purpose AI tools like ChatGPT or Gemini do not contain these corporate protection layers, when a user sends content to these systems, they risk losing control over the visibility of that data. Therefore, in scenarios where client data is processed and privacy is a priority, preferring AI tools embedded in infrastructure that provides reliable in-system mechanisms like Microsoft rather than public models like ChatGPT or Gemini not only provides security but also ensures sustainable use.

Using Leagle, which is an AI assistant specialized for Turkish law and contains systems already counted for using Microsoft infrastructure, protects attorney-client confidentiality while allowing the use of AI tools without risk.

CONCLUSION

In conclusion, it cannot be said that the use of any kind of artificial intelligence tool ensures privacy. However, the proper use of appropriate AI tools with correct programs and in appropriate ways is the only way to remain competitive and protect privacy without abandoning AI technology, which is now inevitable. At this point, it is important not only to pay attention to anonymization, masking, and access restrictions when using these tools, but also to prefer systems built with infrastructure that provides data security through systemic protections rather than AI tools that do not store shared data in their system and include them in the learning process. In this way, a lawyer can continue to protect attorney-client confidentiality while using AI tools to make their work more efficient.