Skip to content

Transparency Note for Data Privacy and Security in the Use of Artificial Intelligence

With Looplex Copilot, lawyers and other legal professionals now have a new way to generate ideas and drafts of content, automate business processes of the legal work lifecycle, as well as access and organize information throughout their organization by interacting with artificial intelligence systems.

Before your organization starts using Looplex Copilot’s features, you might have questions about how it works, how it keeps your corporate data secure, and whether it adheres to privacy requirements.

This transparency note provides answers to common questions related to enterprise data privacy and security to help your organization get started with Looplex Copilot.

What is the difference between ChatGPT and Looplex Copilot?

ChatGPT is a general-purpose large language model (LLM) trained by OpenAI with a massive dataset of text, designed to engage in human-like conversations and answer a wide range of questions on various topics.

Looplex Copilot uses a variety of neural network models, including (but not limited to) OpenAI’s LLMs. However, the AI technology enabled in our interface uses Azure Cognitive services that are already optimized to handle business processes and proprietary business data, meeting the security and privacy requirements that our customers demand. For Looplex users, Copilot suggests optional actions and content recommendations in the context of the task at hand.

Some ways Looplex Copilot for natural language generation is unique:

  1. AI-generated responses are uniquely contextual to the legal context, relevant to the task at hand, and informed by your organization’s enterprise data, whether it’s to respond to a semantic search of your content from previously created petitions, contracts, agenda items, activity logs, and documents; an application that automates the analysis of contract clause submitted for approval; or a service in Looplex Works that interprets a court subpoena and suggests the associated tasks and deadlines, and the distribution of that work to different people on your team.

  2. Copilot uses LLMs (such as GPT) and your organization’s enterprise data to produce more accurate, relevant, and personalized results. Your enterprise data is used to enhance context only for your scenario, and the LLM itself doesn’t learn from its use.

  3. Uniquely enabled for Azure Artificial Intelligence services and OpenAI’s enterprise account, Looplex Copilot leverages the same enterprise-grade security, compliance, and privacy designs that Microsoft has put into its products, such as Office and Dynamics.

What happens to my data when I use Looplex Copilot?

You are in control of your data. The data is not shared with third parties unless you give express permission to do so. In addition, Looplex does not use non-anonymized personal data to train or improve Looplex Copilot or AI features in other customers’ solutions, unless you have given Looplex consent to do so, as expressly stated in our Privacy Policy.

Looplex Copilot follows existing permissions and data policies, and users will only see answers based on data they have access to personally. Refer to the documentation for the product or feature that is using Looplex Copilot for details on how you can control your data and how it is managed.

How does Copilot work on the Looplex platform?

Here’s a high-level overview of how Looplex Copilot works on the Looplex platform:

  1. Looplex Copilot requests an input prompt from an agent, which can be a human user or a business process automation bot in a service, such as Looplex for processing subpoenas for lawsuits, for example.

  2. Looplex Copilot pre-processes the prompt through an approach called grounding, which improves the specificity of the prompt so that the user gets relevant and actionable responses to their specific task. It does this, in part, by making a call to the Looplex Graph and accessing the enterprise data that the user consents to and to which it grants usage permissions for the retrieval of its content and business context. We also define the scope of grounding as documents and data visible to the authenticated user through role-based access controls (RBAC).

This information retrieval is called the augmented generation approach of retrieval, and it allows Looplex Copilot to provide more contextual information as input to an LLM by combining the user’s data with other data inputs from your organization (that the user could have access to), such as information retrieved from a Case’s data, automated documents generated on the platform, and other articles from your organization’s knowledge base to Improve the prompt.

  1. Copilot obtains the response from the LLM and performs post-processing of it. Depending on the scenario, this post-processing includes some combination of additional grounding calls to the Looplex Graph, responsible AI checks, content-moderated filtering, and additional constraints and command generation.

  2. Finally, Looplex Copilot returns a recommended response to the user and sends commands back to applications where a human in the loop can review and accept or not. Looplex Copilot iteratively processes and orchestrates these sophisticated services to produce results that are relevant to the legal department of a company or a law firm.

Are Copilot’s answers always factual?

The answers that generative AI produces are not guaranteed to be 100% factual. While we continue to improve responses to fact-based queries, users should still use their best judgment when reviewing the output before sending it to others, especially in the legal context, as Looplex’s services are designed to be operated by lawyers. Our Looplex Copilot features provide helpful drafts and summaries to help you achieve more, while giving you the chance to review the generated AI rather than fully automating these tasks.

For this reason, we have adopted risk mitigation requirements as a design strategy for our AI services, with all integrations with the Looplex Copilot service must:

  1. Implementation of meaningful human oversight.

  2. Implementation of strong technical limits on inputs and outputs to reduce the likelihood of misuse beyond the intended purpose of the application

  3. Thorough application testing to find and mitigate undesirable behavior

  4. Establishment of feedback channels

  5. Implementation of additional scenario-specific mitigations

Our teams continue to improve algorithms to proactively address issues such as misinformation, content blocking, data security, and preventing the promotion of harmful or discriminatory content in accordance with Microsoft’s Responsible AI Principles, which we follow as a general guideline.

Will Looplex Copilot meet my industry’s regulatory compliance requirements?

Looplex offers Looplex Copilot within the Looplex Platform ecosystem. For details on the regulatory certifications and compliance of Looplex’s services, please visit our page listing corporate security measures, as well as our regulatory framework guide. As regulation in the AI space evolves, Looplex will continue to adapt and respond to meet future regulatory requirements in this space.