fbpx

Management Assistance Program

An Unexpected Upgrade from Microsoft: What Lawyers Need to Know

By Jim Calloway

I was on the phone with a lawyer last week and told him to, “Open up Word.” The lawyer responded loudly, “What is this?” He then began to describe a series of text boxes that appeared at the top of his blank Word document. I realized he was describing Microsoft Copilot, Microsoft’s artificial intelligence tool. I knew this lawyer well enough to know he didn’t accidentally subscribe to Copilot. We finished the task, but I puzzled over this a bit.

Soon, it became clear that Microsoft had upgraded 365 Home subscribers to Windows Copilot with very little notice, except in technology trade publications and websites covering technology.

WHAT LAWYERS NEED TO KNOW 

Should I Be Using Microsoft Home for Work?

We recommend that lawyers use the business editions of Microsoft instead of home, due to its better security and administrative controls. Microsoft 365 Business Standard is $12.50 per user, per month, paid annually, and Microsoft 365 Business Premium is $22.50 per user, per month, paid annually.

Is This the Same Copilot for Which You Are Paying a Subscription Fee?

No, the Copilot consumer app is a conversational chat experience. This is similar to using Copilot in Bing. Copilot in Microsoft 365 brings Copilot to apps like Word, PowerPoint, Excel and Outlook, per Microsoft’s website. But such interaction with other files and Outlook is the primary way many lawyers use Copilot.

Is the consumer (Home) Version of Copilot Secure Enough for Lawyers?

The short answer is, “probably not enough.” The business/enterprise Copilot environment is built for corporate data security, compliance and privacy. It abides by strict tenant isolation, which means it does not use organizations’ or users’ data to train public models, and it includes a wide range of administrative controls and compliance capabilities.

The home/consumer Copilot environment (e.g., Windows Copilot or Bing Chat tied to a personal Microsoft account) provides basic consumer privacy protections under Microsoft’s standard privacy policies. However, it lacks the enterprise-level compliance framework and does allow some usage data to be collected (in aggregated or pseudonymized form) for service improvements, such as product performance or user experience.

If you handle HIPAA-protected information, you need at least a Business or Enterprise version of Microsoft 365-Home and Personal versions do not meet HIPAA requirements because Microsoft does not offer Business Associate Agreement (BAA) for those.

So, Is the Home/Consumer Edition Not Secure?

It’s not like there is an on/off switch for secure versus nonsecure. The business versions have more security features, like hard drive encryption. However, the home edition of Windows is just as secure as it was last month before Copilot was added to it.

As long as you are not giving Windows Copilot your confidential, personal information or any client information, feel free to try it and have fun planning your vacation itinerary, creating or locating recipes, teaching the family about geography or any of the interesting things you can do with AI. I must note you could have already done this by logging in to Bing and using Copilot that way.