AI in Litigation: A Colorado Federal Court Sets the Standard

Overview: The Morgan Decision

On March 30, 2026, a ruling from the magistrate judge handling discovery motions in a pro se employment discrimination case for the District of Colorado produced an opinion that provides guidance on artificial intelligence (AI) and work product protection in federal litigation to date. In Morgan v. V2X, Inc., 1:25-cv-01991 (USDC CO 2025), Magistrate Judge Maritza Dominguez Braswell addressed two questions that litigators have been navigating under Federal Rule of Civil Procedure 26(b)(3): (1) whether work product protection extends to AI-generated litigation materials, and (2) what a protective order governing AI use should look like.

Judge Dominguez Braswell provided answers that are consequential for litigators using AI tools, regardless of whether their opponent is a corporation or a pro se plaintiff.

Work Product Protection and AI: What the Court Held

The Morgan court held that Federal Rule of Civil Procedure 26(b)(3) applies to AI-assisted litigation work product. That conclusion follows directly from the rule’s text: the 1970 amendments expanded protection to parties themselves, not just their attorneys, and courts have long applied this principle to self‑represented litigants. The court described AI as an equalizer for pro se litigants navigating complex litigation and emphasized that the rule offers no textual basis for conditioning work‑product protection on the involvement of counsel. The Morgan court held that while the AI was covered by Rule 26, the pro se plaintiff’s interactions with the AI were covered by attorney–client privilege.

Corporate defendants frequently argue that uploading materials to an AI platform constitutes voluntary disclosure to a third party, destroying confidentiality. However, the US Supreme Court and appellate courts have rejected this reasoning. Under Carpenter v. United States, 585 US 296 (2018), and United States v. Warshak, 631 F.3d 266 (6th Cir. 2010), the mere fact that data is routed through third-party infrastructure does not by itself automatically eliminate expectations of privacy or confidentiality.

The court’s treatment of AI as a third-party system in the criminal case United States v. Heppner, No. 25 Cr. 503 (JSR) (2026 WL 436479) (SDNY February 17, 2026), has important implications for outside counsel. In Heppner, a represented criminal defendant used a public AI entirely on his own, without direction from counsel, and the court rejected his privilege claim—the court in fact held that Heppner waived conversations previously covered by the privilege by putting case details into an open tool. A crucial fact for the Heppner court was that Heppner used a public AI model that trained on his prompts according to the terms of use he was operating under, ostensibly creating a break in attorney–client confidentiality. Although Judge Dominguez Braswell treated Heppner as factually distinct, her reasoning points to a broader risk: a represented party who uses AI tools independently of counsel may forfeit both privilege and work‑product protection. Counsel should address this risk proactively and advise clients on appropriate AI use (especially avoiding public models) before a dispute arises, not after.

The plaintiff unsuccessfully argued that identifying the specific AI platform he used would reveal protected work product, because that tool selection reflects legal strategy. The court rejected that argument, finding the record too conclusory to support the claim. To protect AI tool identity, counsel will need to develop a concrete factual record demonstrating how the platform’s specific capabilities connect to litigation strategy.

The Protective Order Standard

The Morgan court’s proposed protective order language is where this opinion will have its broadest impact. It establishes a contractual floor for use of AI tools that must be satisfied before confidential information can be processed through any AI platform:

• The provider must be contractually prohibited from using inputs to train or improve its model or disclosing inputs to third parties except as strictly necessary to deliver the service.
• Any third-party receiving data must be bound by equivalent protections.
• The party must retain a contractual right to delete all confidential information upon request.
• The party must maintain written documentation of all of the above.

The Heppner court recognizes that this standard will exclude most free and low-cost AI tools from use on confidential litigation materials. Enterprise-tier platforms with appropriate data-processing agreements may be the only compliant option.

Two Problems the Opinion Leaves Open

• When data is processed by an AI platform, prompts and documents can be converted into vector embeddings, which are numeric representations stored in the platform’s database infrastructure. This data is not in a recoverable file. Whether a contractual right to delete satisfies a court-ordered confidentiality obligation when the underlying data exists as embeddings is an open and unresolved question. Counsel should not assume a deletion clause necessarily ensures deletion of the information processed by the model at the vector level.
• The Morgan protective order applies to “any modern artificial intelligence platform, including any generative, analytical, or large language model-based tool.” That language could encompass tools lawyers have relied on for years, including Westlaw, Relativity, and Microsoft 365 Copilot embedded in standard document and email applications. If applied broadly, this standard would effectively require litigants to audit and disclose their entire litigation technology stack, imposing an obligation that has no precedent in the Federal Rules and falling most heavily on those least equipped to comply.

What Counsel Should Do Now

This is a new era, and courts may be issuing discovery orders without thoroughly understanding the technology at issue. Before proposing AI restrictions in a protective order, counsel should audit their own client’s AI use. Restrictions bind both sides, and proposing language a client cannot satisfy itself could create unnecessary complexity and increase exposure.

Counsel clients on independent AI use. The gap between a client using AI at counsel’s direction versus on its own initiative is now legally significant. Engagement letters should inform clients about when—and when not—to use AI tools during the engagement.

Build a record to protect tool identity. If you anticipate needing to resist disclosure of which AI tools you are using, begin building the factual record establishing the basis for your argument. Conclusory assertions will not carry the burden.

Review your AI platform agreements. Assess whether the tools you rely on in litigation satisfy the contractual requirements the court has specified. Data retention, training opt-outs, deletion rights, and third-party sharing restrictions all need to be evaluated.

Understand your deletion obligations. Before representing to a court that confidential information has been deleted from an AI platform, understand how that platform stores and processes data at the architectural level. It may be helpful to carefully define deletion to exclude vectorized information.

How BRG Can Help

BRG’s Discovery & Forensic Technology and AI Governance teams assist outside counsel and in-house legal departments in assessing AI tool use across the litigation lifecycle, evaluating platform agreements against emerging court standards, and building the technical and factual record needed to support privilege and work product claims in an AI-driven environment.

As these and other cases begin to influence courts, the organizations that act proactively—such as updating protective order templates, counseling clients, and auditing their AI infrastructure—will be best positioned to manage the risk.

For more information, contact BRG’s Discovery & Forensic Technology and AI Governance practice.

This alert is provided for informational purposes only and does not constitute legal advice.