Litigation Minute: Preserving AI-Generated ESI in Anticipation of Litigation

As use of generative artificial intelligence (GenAI) tools in daily operations grows, organizations are creating new types of electronically stored information (ESI). Prior Litigation Minutes published by the firm covered whether AI-generated content is discoverable and whether GenAI interactions may be protected by the attorney-client privilege or work-product doctrine.¹ Equally important is what steps organizations should take to retain and preserve GenAI ESI for litigation or compliance purposes.

Understanding Your GenAI ESI

Organizations and their counsel must understand which GenAI tools employees use (approved and informal) and for what purposes, what data each tool retains, where that data resides, and how long it remains available, including any applicable vendor retention practices.

GenAI ESI (including prompts, outputs, uploaded documents, and usage logs) may not be retained by default. Some tools auto-delete data quickly, overwrite information as users iterate, or preserve it only in audit logs that require affirmative configuration. As a result, potentially relevant information may be lost before counsel realizes GenAI ESI is implicated.

As GenAI adoption grows, these issues will impact information governance, litigation, and compliance readiness. Organizations will need enterprise-level retention settings for approved tools, clear internal rules for business and legal use, and legal hold processes that can quickly identify and preserve relevant GenAI ESI.

Updating Your Retention Policies

In some cases, GenAI ESI may qualify as a business record with retention requirements, e.g., where employees rely on GenAI outputs in decision-making or where such data supports audit or compliance functions. In regulated industries, GenAI outputs that inform client communications, marketing, or operational decisions may trigger the same documentation and supervision requirements as other ESI. Organizations should review retention policies to ensure relevant ESI is addressed, with retention periods determined by content of a record rather than format.

At the same time, overly broad retention creates burden and risk. Data minimization remains a core principle of effective information governance, particularly given the volume of ESI GenAI tools can generate. Retention policies should define what constitutes a business record and incorporate GenAI ESI into existing categories based on content and business purpose, rather than creating entirely new classifications. Exploratory prompts and draft outputs that do not inform business decisions may not warrant retention and may be subject to defensible disposition practices. Because technical capabilities vary across platforms, policy requirements should align with what organizations can realistically implement.

Because GenAI tools continue to rapidly evolve, retention policies should be reviewed periodically but drafted flexibly enough to remain effective without constant revision.

Preserving GenAI ESI in Anticipation of Litigation

Under the Federal Rules of Civil Procedure and in most states, parties must preserve relevant ESI once litigation is reasonably anticipated. Recent case law confirms this can include GenAI ESI. When litigation is anticipated, organizations should promptly identify custodians using relevant GenAI tools, assess retention settings, and work with IT and information-governance teams to suspend auto-deletion, preserve existing data, or enable logging where necessary. Coordination with third-party providers may also be required.

Failure to preserve relevant GenAI ESI, carries the same risks as other lost ESI. If the information cannot be restored or replaced through additional discovery and the loss prejudices another party, courts may order curative measures or sanctions. Because GenAI ESI may reflect decision-making not apparent from final documents, courts may be more likely to find prejudice from its loss. If a court finds intent to deprive another party of the information, harsher sanctions may follow.

Re-Considering Traditional Legal Holds

Traditional, custodian-focused preservation instructions may not be sufficient for GenAI ESI, particularly where relevant information is stored within the tool rather than by employees. Instructing employees not to delete information may be ineffective if vendor or enterprise settings continue overwriting or deleting interaction histories or audit logs.

Organizations should consider updating legal hold notices to expressly address approved GenAI tools, specify what must be preserved (such as prompts, outputs, and metadata), and clarify preservation steps. IT and information-governance teams should confirm whether to pause deletion or enable logging.

Practical Considerations for Preserving GenAI ESI

Information Governance and Litigation Readiness

Plan Ahead

Address GenAI during vendor diligence, onboarding, and contracting.

Investigate GenAI Usage

Identify what tools employees use and what information each retains. 

Publish GenAI Policies

Establish clear rules for acceptable use, including restrictions on sensitive data. 

Review Document Retention Policies

Confirm existing policies appropriately address GenAI ESI. 

Train Employees

Ensure employees understand GenAI ESI may be discoverable or business records. 

Monitor and Audit Use

Periodically assess compliance and identify whether sensitive or regulated data is being retained.

Preservation and Legal Holds

Update Legal Hold Procedures

Revise policies and templates to expressly cover GenAI ESI. 

Implement Deletion-Suspension Processes

Establish technical or administrative processes to preserve relevant GenAI ESI when obligations arise. 

e-Discovery Planning for Once Litigation Has Begun

Update e-Discovery Workflows

Update e-discovery protocols and outside counsel guidelines to address GenAI ESI, including data held by third-party vendors.

Incorporate GenAI into Case Strategy

Factor GenAI ESI into scope, proportionality, and burden decisions for collection, review, and production.

Protect Sensitive Information

Assess privacy, personal data, and cross-border transfer implications. 

Looking Ahead

As GenAI becomes increasingly embedded in business and legal workflows, preservation questions will arise more often in litigation and regulatory matters. Courts will likely apply existing discovery and information-governance principles to GenAI ESI as they have to other technologies. Organizations that understand how GenAI ESI is created, retained, and deleted—and align those practices with records management and legal hold processes—will be better positioned to meet preservation obligations and reduce spoliation risk.