AI Tool Risk and Cost

Most lawyers using ChatGPT, Claude, Gemini, Perplexity, or Grok at work are on consumer-tier accounts with no admin visibility, no audit log, and inputs that may train the next model. Moving to an enterprise tier closes the confidentiality gap. It does not close the hallucination gap, which is what gets attorneys sanctioned.

This page shows the risk profile and the price of each tier, so a firm administrator can size the trade-off: stay on consumer plans and rely on a written verification policy, or pay several thousand dollars per lawyer per year for the audit log an enterprise tier provides.

On this page

At a glance
Risk and cost by tier
ChatGPT
Claude
Gemini
Microsoft Copilot
Perplexity
Grok
Enterprise tier limits
Cost of risk vs. cost of mitigation
Sources

At a glance

505 AI-attributable sanctions cases tracked. 116 with monetary sanctions.
By named tool: 67 ChatGPT, 10 Microsoft Copilot, 10 Claude, 2 Perplexity, 3 Grok, 9 Gemini.
Largest documented ChatGPT-attributed sanction: $1,578,172 in attorney fees plus $93,388 in costs (Hatfield v. Pirani, E.D. Ark.).

Browse all sanctions cases →

Risk and cost by tier

Up to three tiers per vendor: consumer plans (personal accounts), a multi-user mid-tier where one exists, and the contracted enterprise tier. Annual cost is per user, list price, before negotiation. Vendor pricing verified 2026-05-04 (ChatGPT, Claude, Gemini, Microsoft Copilot) and 2026-05-06 (Perplexity, Grok).

Plan tier	Risk	Annual cost / user	Notes
ChatGPT 67 sanctions cases →
Consumer (Free, Go, Plus, Pro)	High	$0 to $1,200+	Personal accounts. OpenAI may train on inputs unless opted out. No admin visibility, no audit log.
Business (multi-user)	Medium	$240 to $300 (2-seat minimum)	No training on inputs. SOC 2 Type 2. No Compliance API access on this tier.
Enterprise	Low	Sales-contracted. OpenAI does not publish a price floor or seat minimum.	SOC 2. Compliance Logs Platform unified release March 2026, replacing the legacy Compliance API.
Claude 10 sanctions cases →
Consumer (Free, Pro, Max)	High	$0 to $1,200+	Personal accounts. Anthropic consumer terms; review current data-handling settings.
Team (Standard, Premium)	Medium	$240 to $1,500 (5 to 150 seats)	Multi-user workspace. No Compliance API on Team tier.
Enterprise	Low	$240+ per seat plus API usage (annual contract)	Compliance API GA 30 March 2026 (Enterprise plan, excludes Public Sector). Captures admin and resource activity.
Gemini (Google) 9 sanctions cases →
Consumer (Google AI Pro, Google AI Ultra)	High	$240 to $3,000	Personal accounts under Google consumer terms. Renamed from "Gemini Advanced."
Workspace Business (Standard, Plus)	Low	$168 to $264 (Gemini bundled into base SKU)	Admin SDK Reports API exposes Gemini activity. 180-day rolling log history (records from June 2025 forward).
Microsoft Copilot 10 sanctions cases →
Microsoft 365 Premium (consumer)	High	$240	Replaces the deprecated Copilot Pro standalone. Personal account, consumer terms.
Microsoft 365 Copilot (enterprise add-on)	Low	$360 add-on plus base license: $150 (Business Standard) to $684 (E5). Total: $510 to $1,044.	Requires Microsoft 365 Business Standard, Business Premium, E3, or E5. Purview audit logging included; advanced retention requires E5 or the Purview Audit (Premium) add-on. Microsoft Graph aiInteractionHistory API captures prompts, accessed resources, and responses.
Perplexity 2 sanctions cases →
Consumer (Free, Pro, Pro Max)	High	$0 to $2,004	Personal accounts. Pro at $204/yr; Pro Max at $2,004/yr is the highest-priced consumer LLM tier on this page. Forest Ridge v. Heag (N.C. Ct. App. 2026) involved Perplexity.AI Professional and a public chastisement of counsel.
Enterprise Pro	Low	Sales-contracted. Perplexity does not publish a per-seat price or seat minimum.	SOC 2 Type 2. Enterprise customer data excluded from model training. SSO and SCIM. Configurable file retention. A dedicated audit-log API is not documented on the enterprise marketing page.
Grok (xAI) 3 sanctions cases →
Consumer (Free, SuperGrok Lite, SuperGrok)	High	$0 to $360	Personal grok.com accounts. xAI consumer terms; "Private Chat" is the consumer opt-out. X Premium and Premium+ ($32 to $395/yr) bundle Grok access on a separate consumer surface. Billups v. Louisville Mun. Sch. Dist. (N.D. Miss. 2025) sanctioned an attorney for using Grok despite a firm policy against external AI.
Grok Business	Medium	$360	Multi-user team workspace. Excluded from model training by default. Centralized billing, user analytics. No published audit-log API at this tier.
Grok Enterprise	Low	Sales-contracted. xAI does not publish a per-seat price or seat minimum.	SOC 2 Type 2 per xAI Enterprise. SSO, SCIM, custom role-based access controls, custom data retention. Audit logging documented on the xAI Enterprise page.

Tier choice does not solve hallucination

What an enterprise tier does not fix

Audit logs and SOC 2 attestations catch confidentiality leaks. They do not catch fabricated citations. The Rule 3.3 candor obligation applies at every tier, on every case, every time. A compliance log proves a model was used; it cannot prove the cases the model cited actually exist.

Wadsworth v. Walmart (D. Wyo. 2025) is the case to read. Morgan & Morgan attorneys used the firm's internal AI tool to generate citations that turned out to be fabricated. The internal-AI tier rates Low on confidentiality. Judge Rankin still sanctioned three attorneys: $3,000 plus pro-hac-vice revocation for the lead, $1,000 each for the other two.

The same logic applies to legal-vertical AI tools sold to law firms. Pelishek v. City of Sheboygan (E.D. Wis. 2025) sanctioned counsel $4,500 after a brief that relied on Westlaw's Quick Check went out with misquoted cases and a citation to a nonexistent case. Lifetime Well v. IBSpot (E.D. Pa. 2026) imposed a $4,000 sanction after a motion to dismiss prepared with Lexis+ AI and LexisNexis Protégé contained at least eight defective citations, including authorities from inapposite jurisdictions and fabricated quotations. Flycatcher v. Affable (S.D.N.Y. 2026) involved a research workflow built on vLex, Paxton AI, and NotebookLM, with the response to the Rule 11 order to show cause itself containing a fabricated Mata v. Avianca quotation. Tools indexed against legal corpora and sold to law firms still hallucinate.

Tier choice mitigates one risk (data exfiltration). It does not mitigate the other (fabricated content reaching the court). A firm policy and a verification habit are required at every tier.

Cost of risk vs. cost of mitigation

Set the price of an enterprise tier alongside the price of a single sanction event and the trade-off becomes legible. Sanctions in our tracker run from $500 to seven figures. Bar discipline ranges from public admonishment to suspension. Carrier renewal questionnaires now ask whether a firm has a written AI policy.

If a sanction lands

$500 to $10,000+ direct monetary sanction (modal range in tracker)
$1,578,172 attorney fees plus $93,388 costs (Hatfield v. Pirani, E.D. Ark.)
$110,204 in sanctions and fee award (Couvrette v. Wisnovsky)
Plus pro-hac vice revocation, bar referral, fee disgorgement
Plus malpractice carrier renewal questionnaire flag
Plus public docket entry, news coverage, client confidence loss

If a written policy lands first

Carrier-Renewal Packet: tiered pricing, one-time fee. Policy, training, and vendor diligence captured before the next renewal questionnaire.
Consulting: 4 to 8 week productized engagement. Vendor diligence, live training rollout, written policy with the firm's tool tiering captured.
Less than the cost of one Rule 11 sanction. Less than the annual cost of upgrading two attorneys to ChatGPT Business.

Sources

OpenAI, ChatGPT pricing (verified 2026-05-04): openai.com
OpenAI, ChatGPT Enterprise: openai.com
OpenAI, Compliance APIs (March 2026 unified Compliance Logs Platform): help.openai.com
OpenAI Trust Center (SOC 2 Type 2): trust.openai.com
Anthropic, Claude pricing (verified 2026-05-04): claude.com
Anthropic, Compliance API (Claude Enterprise GA 30 March 2026): support.claude.com
Google, Workspace pricing (verified 2026-05-04): workspace.google.com
Google, Gemini consumer subscriptions (verified 2026-05-04): gemini.google
Google, Gemini audit logs in Reporting API (July 2025 release): workspaceupdates.googleblog.com
Google, Admin SDK Reports activity reference, gemini_in_workspace_apps: developers.google.com
Microsoft 365 Copilot for business (verified 2026-05-04): microsoft.com
Microsoft 365 enterprise pricing (verified 2026-05-04): microsoft.com
Microsoft, Audit Copilot interactions (Microsoft Purview): learn.microsoft.com
Microsoft, aiInteractionHistory resource (Microsoft Graph): learn.microsoft.com
Perplexity, Pro pricing (verified 2026-05-06): perplexity.ai
Perplexity, Enterprise: perplexity.ai
Perplexity Trust Center (SOC 2 Type 2): trust.perplexity.ai
xAI, Grok plans (verified 2026-05-06): grok.com
xAI, Enterprise (SOC 2 Type 2, audit logging): x.ai
xAI, Grok Business documentation: docs.x.ai
ABA 2024 Legal Technology Survey Report, AI TechReport: americanbar.org

Vendor pricing and risk profile verified 2026-05-04 (ChatGPT, Claude, Gemini, Microsoft Copilot) and 2026-05-06 (Perplexity, Grok). Tracker counts updated at every build. AI tool pricing changes frequently; reverify before policy decisions.