Back to Articles
Security & Ethics Published June 28, 2026 8 min read
Purple legal technology security scene with digital lock, justice scales, secure legal framework, and forensic integrity indicators.
Security & ethics

Client Data Security:
What Your Legal Tech
Isn't Telling You

How local-first architecture, preserved originals, and SHA-256 proof protect confidential financial records.

  • Local. Keep case data on device.
  • Hash. Verify every original file.
  • Preserve. Maintain source evidence.
  • Prove. Support chain of custody.

Every divorce case you handle is a vault of the most sensitive data a person owns. Bank statements. Tax returns. Account numbers. Business records. Now ask yourself a harder question: where does all of that actually live once you upload it to a tool?

For most legal software, the answer is a vendor's cloud server, sitting next to the data of thousands of other clients. That design is convenient. It is also exactly what attackers want. One in five law firms reported a cyberattack in the past year, and among firms that were breached, 56% lost confidential client data. The average breach now costs north of $5 million, and only about a third of firms have an incident response plan ready when it happens.

This article is about the part of the sales demo nobody shows you: the architecture underneath. Cloud versus local. What leaves your device and what stays. How a file proves it has not been altered. For a family law practice, those details decide whether your tools help you meet your duties or quietly expose you.

1 in 5
law firms hit by a cyberattack in the past year
56%
of breached firms lost confidential client data
$5M+
average cost of a data breach

Security is now an ethical duty, not a preference

The rules already caught up to this. ABA Model Rule 1.6(c) requires lawyers to make reasonable efforts to prevent the unauthorized disclosure of client information. Rule 1.1 carries a duty of technology competence, and most states have adopted it. The ABA has issued formal guidance on cloud computing and on generative AI, and the message is consistent: these tools are permitted, but only with real due diligence on the provider and security measures proportionate to how sensitive the data is.

Financial records in a divorce are about as sensitive as it gets. So the bar is high. When you pick a tool, you are making a representation about reasonable care. If the tool funnels client data into a place you do not control and cannot audit, that representation gets harder to defend.

The uncomfortable questionIf your current tool were breached tomorrow, could you say exactly which client documents were exposed, where they were stored, and who had access? For most cloud tools, the honest answer is no. You are trusting the vendor's word.

Cloud convenience comes with a concentrated target

A cloud tool pools everyone's data in one place. That is what makes it easy to use from any browser. It is also what makes it a high-value target. Attackers know a single breach of a legal platform can expose hundreds of firms and thousands of clients at once. Threat actors now sit inside firm networks for weeks, quietly mapping the most valuable files before they strike.

Local-first design flips the model. The working case data lives on your device, not in a central vault. There is no single database holding every client's financial life, so there is no honeypot to crack. An attacker who wanted your data would have to target you specifically, and there is no master server that exposes everyone else if they succeed.

Cloud versus local-first attack surface A cloud model concentrates every client's data on one server, so one breach exposes all. A local-first model keeps each case on its own device with no central store. Cloud tool one breach exposes every client Local-first (Thrive) no central case database to breach Vendor server Client A Client B Client C Client D 1 breach = all clients Case Aon your device Case Bon your device Case Con your device Case Don your device no shared server linking them no master target to crack
The cloud model concentrates risk. Local-first design removes the single point of catastrophic failure.

Know exactly what leaves the device

Local-first does not mean nothing ever moves. Honesty matters here, because vague privacy claims fall apart under scrutiny, and a judge or opposing counsel will scrutinize them. The accurate picture is specific: the case dataset stays put, and only narrow, named pieces leave when a feature requires it.

In Thrive Financial, the full case record lives in your browser's local storage. Parsed statements, the asset and debt inventory, fraud findings, settlement work, and the audit log never sit in a Thrive-hosted case database. What does cross the network is limited and disclosed: selected document text goes to Google's AI service only when you run an AI parse or analysis, authentication and billing metadata flow through Firebase, and payments run through Stripe. That is the whole map. No hidden copy of the case file on a server you cannot see.

What stays on your device versus what leaves The full case dataset stays local. Only selected document text for AI parsing, auth and billing metadata, and payments leave the device. Stays on your device local browser storage Parsed bank & card statements Asset & debt inventory Fraud findings & settlement work Original documents & hashes Audit log Leaves only when needed disclosed and limited Selected document textto Google AI, only on an AI parse Auth & billing metadatato Firebase, not case content Payment detailsto Stripe at checkout the full case file is never one of these
A precise data map you can put in front of a client or a court. The case dataset stays local. Only named, limited pieces ever leave.

This precision is a feature, not a hedge. You can tell a client, in plain terms, that their complete financial file is not sitting on a third-party server. When you use an AI feature, you can disclose exactly what gets sent and get informed consent, which is the standard the ABA's AI guidance points to.

Proving a file has not been touched

Security is half the story. The other half is integrity. In a contested case, opposing counsel will ask whether the document you analyzed is the real one and whether anything changed along the way. This is where cryptographic hashing earns its keep.

A SHA-256 hash is a digital fingerprint. Run any file through it and you get a fixed string of characters. Change a single byte and the string changes completely. Thrive Financial hashes each original document when it is processed and stores that fingerprint with the parsed data. It also seals every exported case file with its own hash. If the file is altered later, the fingerprints no longer match, and the tool refuses to load it.

Chain of custody with SHA-256 hashing An original file is hashed and stored with a certificate. Later it is re-hashed and compared. A match verifies the file is unchanged. Original file PDF / image SHA-256 hash unique fingerprint Stored with data + certificate of authenticity Later: re-hash & compare ✓ match = unchanged ✗ mismatch = altered The original file is preserved beside its parsed data, so the source is always one click away.
The provenance package: original file, its hash, a certificate, and an audit log. Together they answer the authenticity question before it is asked.

The strongest provenance packageFor a disputed issue, the defensible bundle is the original downloaded source file, its certificate of authenticity, the matching sealed case file, the audit-log PDF, and the report that cites the issue. That gives the court a clear story of authenticity and process, far stronger than a screenshot or a spreadsheet excerpt.

Use this when you evaluate any platform that touches client financial data. The answers should be specific, not marketing.

  • Where does the case data live? On a vendor server, on your device, or both. Get the exact answer.
  • What exactly leaves, and when? A precise data map, not "we take security seriously."
  • Can you prove a document is unaltered? Look for cryptographic hashing and preserved originals.
  • Is there an audit trail? Timestamped logs of who did what, exportable for the file.
  • Who can access the data, and can you delete it? You should control export and deletion.
  • What happens in a breach? If there is no central store of your cases, the blast radius is smaller by design.
RiskTypical cloud toolLocal-first design
Central honeypot of client dataYes, all cases on one serverNo central case database
You control when data leavesLimitedYes, you export deliberately
Tamper-evident originalsVariesSHA-256 hash + preserved file
Breach blast radiusEvery client at onceOne device at most

Run the analysis without handing over the vault

Thrive Financial keeps the full case file on your device, seals every export with a SHA-256 hash, and preserves each original document with its fingerprint. Security your client can understand, and a court can verify.

See how it works

Frequently asked questions

Is cloud software safe for confidential client data?

It can be used ethically with real due diligence and security proportionate to the data's sensitivity. The trade-off is concentration: a cloud tool puts many clients' data in one place, so a single breach can expose all of them. Weigh that against the convenience.

What is local-first software?

Local-first software keeps the working data on your own device rather than a vendor's server. There is no central database holding every client's case, so there is no single honeypot to breach, and you control when data leaves.

How does a SHA-256 hash protect evidence?

It creates a unique fingerprint of a file. Change one byte and the fingerprint changes. By recording the hash when a document is processed, you can later prove the file is byte-for-byte identical to what was analyzed, which supports a clean chain of custody. See how this feeds financial analysis in our guide to AI and divorce finances.

Do lawyers have an ethical duty to secure client data?

Yes. ABA Model Rule 1.6(c) requires reasonable efforts to prevent unauthorized disclosure, and Rule 1.1 carries a duty of technology competence that most states have adopted. Tool choice is part of meeting it.

Further reading and helpful resources

Thrive Financial is a financial-analysis and case-organization tool, not a law firm or a substitute for licensed professional or security advice. This article describes the product's current architecture and general legal-ethics principles. It is not legal advice. Attorneys remain responsible for client confidentiality, informed consent, and lawful access to uploaded documents. Sources: ABA Model Rules of Professional Conduct and related formal opinions on cloud computing and generative AI. Law firm cybersecurity reporting (2025), including industry breach surveys cited by the ABA, FindLaw, and Embroker. FTC Safeguards Rule guidance.

Continue Your Investigation

Use these guides to keep moving from issue spotting into document review, security, and evidence building.