Your AI tools have already been subpoenaed.
OpenAI has received subpoenas and produced full chat histories, uploaded documents, and PDFs. Harvey, CoCounsel, and Legora route through those same servers. Most firms haven't asked this question yet. You should.
The Reality
The question most firms haven't asked
When someone issues a subpoena, what happens to the data your team has put into the legal AI tools it is using today?
“OpenAI has been successfully subpoenaed. Full chats, PDFs, documents — produced.”
This happened. Ask your clients if they know.
OpenAI stores everything
ChatGPT retains chat history, uploaded PDFs, and documents by default — for up to two years. OpenAI has received subpoenas and has produced full chat histories, documents, and files in response. This is not a hypothetical.
Wrappers route through the same servers
Harvey, Legora, and CoCounsel are built on OpenAI and Anthropic APIs. When your data flows through those tools, it flows through those servers — the same servers that have been subpoenaed. The wrapper does not change the underlying risk.
ABA Model Rule 1.6 applies
Your professional responsibility obligations do not pause because you used AI. Model Rule 1.6 requires competent supervision of the technology you use for client work — including understanding whether your tools can maintain confidentiality.
The Wrapper Problem
The chain your data travels
Using Harvey, Legora, or CoCounsel
The wrapper company may have a DPA. But your data still flows through OpenAI or Anthropic infrastructure — the same infrastructure that has been subpoenaed.
Using Irys
~80% of AI processing never leaves Irys-controlled infrastructure. When foundation models are used, only an encrypted ephemeral token is sent — your client content is never transmitted or retained.
How Irys Is Different
Built to protect privilege from the architecture up
Privilege protection is not a feature we added. It is a constraint we built the entire system around.
Data processor, not data retention company
Irys processes your data to complete tasks — it does not retain it. There is no accumulated store of your client communications, documents, or strategies sitting on third-party servers.
~80% processed in-house
The majority of AI processing runs on Irys-controlled infrastructure. When foundation model calls are required, they use ephemeral encrypted tokens — no content is retained after the session ends.
Contractual zero retention
Our commitment to zero data retention is a contractual guarantee, not a policy that can be quietly changed. Your data is never stored, never used for training, and never accessible to anyone outside your firm.
No data to subpoena
A subpoena requires data to exist somewhere. Irys does not accumulate your client data. When a session ends, the session ends — nothing persists that a third party could compel us to produce.
See the full security architecture.
SOC 2 Type II, ISO 27001, zero data retention, and the technical details behind how Irys protects your clients.