June 1, 2026 (in 3 days): New York: 22 NYCRR Part 161 takes effect, system-wide AI policy for all UCS courts

District of Columbia: AI Ethics Guidance for Law Firms

Formal opinion

Verified April 25, 2026

Citation
D.C. Bar Legal Ethics Opinion 388 (Apr 2024)
Opinion date
April 2024

Summary

DC has a formal ethics opinion (Opinion 388, April 2024) and binding RPC amendments (Order M284-24, effective April 7, 2025) codifying technology competence and vendor oversight obligations into the rules. Opinion 388 covers competence, confidentiality vetting, supervision, billing, and candor. Neither the D.D.C. nor the D.C. Circuit has a court-wide AI standing order.

On this page
  1. D.C. Bar Legal Ethics Opinion 388
  2. D.C. Court of Appeals Order M284-24: RPC amendments
  3. What federal courts in DC require for AI use in filings
  4. What DC state courts require for AI use in filings
  5. What AI-related rules are pending in DC?
  6. How do malpractice carriers in DC treat AI use?
  7. What does my DC malpractice carrier ask about AI at renewal?
  8. What documentation should a DC firm keep on file?
  9. AI sanctions cases (9)
  10. Applicable rules (reference)
This summary is informational only. Verify the primary source before relying on this entry in any filing or client matter. Bar rules differ meaningfully by state; consult a licensed attorney in your state.

Bottom line for a 5-50 attorney DC firm: D.C. Bar Legal Ethics Opinion 388 (April 2024) and binding RPC amendments under D.C. Court of Appeals Order M284-24 (effective April 7, 2025) together codify technology competence and vendor oversight as enforceable duties, not best practices. Vendor due diligence on every AI tool that touches client data is now a Rule 5.3 obligation, and citation verification is a Rule 3.3 and 3.4 obligation backed by the Mata v. Avianca cautionary line. Neither the D.D.C. nor the D.C. Circuit has a court-wide AI standing order, but individual judge chamber pages should be checked before any federal filing.

Start with: a written AI use policy, a vendor due diligence record for each AI tool in use, and a citation verification protocol for any filing incorporating AI-generated legal research.

Citation: D.C. Bar Legal Ethics Opinion 388 (April 2024), issued by the D.C. Bar Legal Ethics Committee. Primary source.

Status: Formal ethics opinion. Advisory rather than a binding rule, but highly persuasive in DC disciplinary proceedings.

What it requires

  • Competence (Rule 1.1): A lawyer must have a reasonable and current understanding of how the AI tool works, including its potential dangers, limitations, and cost, before using it in a client matter. Understanding the hallucination risk is an explicit component of this duty.
  • Confidentiality (Rule 1.6(f)): Before using any AI tool in a client matter, a lawyer must determine two things: whether the provider or third parties will have access to inputs, and whether user interactions could affect outputs given to later users and thereby reveal client confidences. Consumer AI tools that exploit user inputs as training data are treated as higher risk.
  • Supervision (Rules 5.1, 5.3): Partners and managing lawyers must ensure supervised personnel using AI do so consistently with the RPC. This includes vetting tools before deployment, establishing firm policies, and requiring verification of AI outputs.
  • Candor (Rules 3.3, 3.4): Lawyers must independently verify all AI-generated citations and legal authorities before filing. The opinion uses Mata v. Avianca, Inc., 678 F. Supp. 3d 443 (S.D.N.Y. 2023) as the anchor cautionary example. Compliance with any tribunal-specific AI orders is mandatory.
  • Fees (Rule 1.5): Lawyers may not bill clients for time saved by AI. If a task that previously took 10 hours takes 2 hours with AI, the client is billed for 2 hours. Pass-through of direct AI tool costs requires client agreement.
  • Client file (Rule 1.16(d)): Lawyers should consider whether AI interactions are part of the client file and preserve them accordingly.

What it recommends

  • Conduct due diligence before adopting an AI tool: review news coverage, third-party testing, and peer experience.
  • Test AI output against known work product to calibrate accuracy.
  • Negotiate data privacy terms with vendors rather than relying solely on posted privacy policies.
  • Establish written firm policies on AI use prior to deployment.
  • For legal work, prefer paid, enterprise-tier AI tools with explicit data isolation over free consumer products.

Rules cited

Rules 1.1, 1.2, 1.5, 1.6 (specifically subsection (f)), 1.16, 3.3, 3.4, 5.1, 5.3, 8.4.

Notable gaps

Opinion 388 is silent on whether lawyers must tell clients they are using AI on a matter or obtain client consent. It does not address AI-generated expert reports, settlement communications, or transactional documents, and it does not distinguish AI tools embedded in legal research platforms from standalone generative AI. It was issued before the 2025 RPC amendments and does not reflect the now-codified technology competence language in Rule 1.1 Comment 5.

D.C. Court of Appeals Order M284-24: RPC amendments

Citation: D.C. Court of Appeals Order No. M284-24, signed and effective April 7, 2025. The order amends the binding D.C. Rules of Professional Conduct.

Status: Binding rule and rule comment amendments. As of April 7, 2025, they set the profession-wide standard of care for AI use in DC.

What changed:

  • Rule 1.1, Comment 5 (Thoroughness and Preparation): Competent handling now includes use of methods, procedures, and technology meeting the standards of competent practitioners. Generative AI and cloud computing are explicitly named as technology lawyers must keep current on. This is the first time “technology” appears in the DC RPC text.
  • Rule 1.6(f) (Confidentiality): Expanded to cover unauthorized access to client information, not just unauthorized disclosure or use. This directly governs AI tools where providers may access client data during inference or training.
  • Rule 1.6, Comment 40: Now addresses both transmission and storage of confidential data, with reasonableness factors including security cost and implementation difficulty, relevant to evaluating enterprise versus consumer AI configurations.
  • Rule 5.3, Comments 3 and 4 (new): Establishes supervisory obligations for nonlawyer service providers including document management firms, cloud storage services, and vendors, even without direct client direction. AI tool vendors fall squarely within this.
  • Rule 4.4(c) (new): Addresses inadvertent disclosure discovered after a lawyer has begun reviewing materials, requiring immediate cessation and notification. Indirectly relevant when AI tools process inadvertently received privileged documents.

What federal courts in DC require for AI use in filings

The D.D.C. standing orders page lists no AI-specific court-wide order. No individual judge AI standing order in D.D.C. surfaced in primary-source research. Practitioners are governed by Fed. R. Civ. P. 11 for sanctions exposure from AI-generated false citations. Check individual judge chamber pages before filing in any D.D.C. case.

The D.C. Circuit FRAP local rules updated December 4, 2025 contain no AI-specific provision. D.C. Circuit practitioners filing briefs are governed by existing FRAP certifications; no AI-specific certification or disclosure is currently required.

What DC state courts require for AI use in filings

The DC Courts (Superior Court and Court of Appeals) have an internal AI policy (July 2025, Administrative Order revised March 2026). It governs court staff and judicial use of AI. The policy is not attorney-facing and imposes no disclosure requirement on filers. The DC Courts AI landing page reflects that existing ethics rules remain effective and no attorney disclosure rule has been issued.

No enacted or pending DC legislation directly governs attorney AI conduct in the practice of law. The Stop Discrimination by Algorithms Act (B25-0114) addresses algorithmic discrimination in employment, housing, and credit decisions; it is not attorney-conduct specific. Mayor’s Executive Order 2024-028 establishes DC AI values and an AI Advisory Group for DC government agencies. It does not apply to private law firms.

How do malpractice carriers in DC treat AI use?

No DC-affiliated bar carrier has published AI-specific underwriting positions in the materials reviewed for this entry. Opinion 388 and the M284-24 amendments establish the standard of care. Three claim types map to those rules: a malpractice claim from a fabricated AI citation, a Rule 5.3 violation tied to vendor diligence failure, or unauthorized access to client data through a consumer AI tool. Each will be evaluated against those rules, and the rule amendments give carriers a binding hook rather than a best-practice argument.

What does my DC malpractice carrier ask about AI at renewal?

No DC-dominant carrier has published specific AI application items in the materials reviewed. Opinion 388 and Order M284-24 are the substantive standard the firm prepares against. Documentation to have ready: a written AI use policy, vendor due diligence records, a citation verification protocol, an AI billing protocol reflecting Opinion 388’s actual-time rule, a competence training log, an incident response procedure for AI-related confidentiality events, plus per-matter notes where AI was used substantively. Confirm application items directly with the carrier or broker.

What documentation should a DC firm keep on file?

Month one (foundational)

  1. (Owner: managing partner + firm administrator) Written AI use policy covering permitted and prohibited tools, input anonymization, verification and review, AI billing rules, and approval authority. Opinion 388 requires it; Rule 5.3 Comments 3-4 (effective April 7, 2025) codify it.
  2. (Owner: litigation lead) Citation verification protocol for any filing incorporating AI-generated legal research: who verified each citation, what source was used, date verified. Rules 3.3 and 3.4 require this, and documented verification is the defense against a sanctions motion.
  3. (Owner: matter lead attorney) Judge-specific AI order check at the opening of each D.D.C. matter, since neither the D.D.C. nor the D.C. Circuit has a court-wide order but individual judges may impose chamber-level requirements.

Months two and three (operational documentation)

  1. (Owner: firm administrator + outside IT) AI vendor due diligence record for each AI tool in use: privacy policy review, data retention terms, enterprise data isolation status, and date of last review. Required by amended Rule 1.6(f) and Rule 5.3 Comments 3-4.
  2. (Owner: firm administrator) Competence training log recording attorney and staff training on AI tools, including date, content, and attendees. Required by amended Rule 1.1 Comment 5.
  3. (Owner: managing partner) Supervision protocol describing how partners verify that supervised personnel use AI consistently with the RPC. Required by Rules 5.1 and 5.3.

Months four to six (per-matter discipline)

These are recurring practices, not one-time projects: each new matter exercises them.

  1. (Owner: matter lead attorney) Per-matter AI use notes identifying which AI tool was used, the nature of the AI contribution, and attorney verification steps. Opinion 388 identifies this as a potential Rule 1.16(d) client-file obligation.
  2. (Owner: billing partner) AI billing protocol in practice. Time billed must reflect actual AI-assisted time, not pre-AI benchmarks. Client agreement is required before any pass-through of direct AI tool costs. Required by Opinion 388 under Rule 1.5.
  3. (Owner: managing partner) Incident response procedure for the event an AI tool inadvertently processes client confidential data in an unauthorized manner. Amended Rule 1.6(f) and new Rule 4.4(c) trigger notification obligations, and carriers increasingly ask about breach response plans at renewal.

We are building practitioner resources for firms working through this list. The monthly update covers new resources as they ship.

AI hallucination sanctions cases in District of Columbia (9)

Editorially flagged cases for District of Columbia firms appear first with a "Why this matters" note; the remaining 8 entries collapse below.

  • Zhang v. National Public Radio, Inc.
    D.D.C. · Dec 2025 · $1,000 (final amount; reduced from initial sanction figure following sealed in-camera hearing)

    Why this matters: Howell order is the canonical D.D.C. AI-Rule 11 template: show-cause naming each cite, strike, dismissal, sealed hearing, and a $1,000 reduced sanction.

Other District of Columbia cases (8)

Topic guides

Topic guides

  • Billing for AI Work: ABA Model Rule 1.5 and the state opinions on billing for AI-assisted legal work. Hourly billing, flat-fee adjustments, expense pass-through,…
  • AI Disclosure Requirements: When and how attorneys must disclose AI use in court filings. Court orders, state bar opinions, and the templates that document compliance.
  • Supervised AI Use: ABA Model Rule 5.1, Rule 5.3, and the state opinions that translate them into firm-side duties to supervise AI tools and the people using th…

Applicable rules (reference)

How each rule applies to AI use in legal practice. Rule numbers reflect this state's own numbering where it diverges from the ABA Model Rules.

Rule 1.1 : Competence
In the firm AI policy, list approved tools and document what each one can and cannot do, where its data goes, and where it hallucinates. The competence duty rests on the lawyer, not the vendor.
District of Columbia note: Order M284-24 (effective April 7, 2025) codified technology competence into the binding DC Rules of Professional Conduct, not merely as a comment.
Rule 1.2 : Scope of Representation
Engagement letters should address whether AI may be used for substantive work, and require client sign-off before AI delegation expands the original scope.
Rule 1.5 : Fees
Bill actual time, not pre-AI hourly time. If AI subscription costs are passed through to a client, disclose the basis in writing before the invoice issues.
Rule 1.6 : Confidentiality
Vet every AI tool that touches client data: data retention, training-data use, security posture, breach disclosure, and deletion on termination. No client-identifying input into a public-tier tool.
Rule 1.16 : Declining or Terminating Representation
On engagement close, return or delete AI vendor data on the same schedule as paper and other electronic client files.
Rule 3.3 : Candor Toward the Tribunal
Personally read every cited case and verify every quoted authority before signing a filing. This is the rule behind every AI-hallucination sanction issued to date.
Rule 3.4 : Fairness to Opposing Party and Counsel
AI-fabricated discovery, manipulated evidence, or misleading communications to opposing counsel violate Rule 3.4 independent of any candor-to-tribunal issue.
Rule 4.4 : Respect for Rights of Third Persons
AI tools that scrape, infer, or aggregate third-party data can violate this rule even when the underlying technology is otherwise lawful.
Rule 5.1 : Responsibilities of Partners and Supervisory Lawyers
Adopt a written firm AI policy, require AI training at intake, and verify compliance. Recent sanctions decisions (Mata, Johnson v. Dunn) have credited firms with pre-existing written policies as a mitigating factor.
Rule 5.3 : Nonlawyer Assistance
Treat AI tools the way the firm treats paralegals: written supervision protocol, attorney review before client or court delivery, and named accountability per matter.
District of Columbia note: After Order M284-24, failure to vet an AI vendor's security practices is a Rule 5.3 violation, not merely a best-practice failure. This gives DC one of the strongest vendor-diligence postures of any jurisdiction.
Rule 8.4 : Misconduct
Submitting AI-fabricated authority, misrepresenting AI involvement, or weaponizing AI against opposing parties can constitute misconduct under 8.4(c) (dishonesty) or 8.4(d) (conduct prejudicial to administration of justice).