Privilege log generation is the line item most litigators quietly dread and most clients never see broken out. The reason is structural: every withheld document has to be described in a way that lets opposing counsel and the court evaluate the claim of privilege without revealing the privileged content itself. Under the traditional workflow, a contract reviewer opens each document, reads enough of it to identify the participants and the legal subject matter, and types a unique description into a logging spreadsheet. That description — typically two or three sentences — is billed at $5 to $15 per logged entry on a typical mid-market matter.
The math compounds quickly. A 10,000-entry privilege log on a single commercial dispute represents $50,000 to $150,000 of pure description-drafting labor, sitting on top of the per-document privilege review fees that produced the log in the first place. On the larger investigations and second-request productions where logs routinely run into the tens of thousands of entries, the description-drafting line item alone can exceed the cost of the underlying review. And unlike responsiveness review — where the work product is a binary tag that drives downstream production volume — the privilege log description is text that almost no one will ever read carefully unless a fight breaks out over a specific entry.
That makes privilege log generation the highest cost-per-unit-of-value line item in the entire eDiscovery stack. The work is expensive, the output is rarely consumed, and the risk of getting it wrong — either by waiving privilege through inadequate description or by drawing a challenge for boilerplate — is substantial. It is the single line item where a competent large language model can compress cost most aggressively without changing the work product the court actually receives. The question is how to do it in a way that is defensible under SEC v. Thrasher, survives the cautionary lesson of Mt. Hawley v. Felman, and produces a privilege log description an attorney can actually certify under Federal Rule of Civil Procedure 26(g).
The doctrinal foundation for any modern, scaled privilege workflow is SEC v. Thrasher, 1996 WL 125661 (S.D.N.Y. Mar. 20, 1996). The producing party in Thrasher asserted privilege over a large volume of documents and argued that the burden of preparing a traditional document-by-document log outweighed its benefit to the SEC. Applying Federal Rule of Civil Procedure 26(b)(5), the court agreed and articulated what has since become the controlling two-prong test: a producing party may “provide summaries of the documents by category or otherwise limit the extent of his disclosure” where (a) a document-by-document listing would be unduly burdensome, and (b) the additional log would be of no material benefit to the discovering party in assessing whether the privilege claim is well-grounded. SEC v. Thrasher, 1996 WL 125661, at *1.
What Thrasher actually authorizes is a balancing exercise: the court weighs the marginal cost of more detailed logging against the marginal information that detail would give the requesting party. That framework has survived essentially intact for thirty years and has been incorporated into local rules and case management orders across the federal system. It is the doctrinal hook that lets a court approve a categorical log in lieu of a per-document log when the volume justifies it — and, by extension, the same framework that justifies any privilege workflow that uses automation to reduce the burden of detailed entries.
The relevance for AI-assisted logging is direct. If an LLM can produce per-document descriptions at near-zero marginal cost, the burden side of the Thrasher equation collapses. A workflow that historically would have justified a categorical log on burden grounds can now justify a per-document log on the same data. The Thrasher test is not an excuse to skip detail — it is a court-approved framework for matching the level of detail in a privilege log to the cost of producing it. AI changes the cost side of that equation, which means it expands the range of detail a court will expect a producing party to deliver. A litigator using an LLM-assisted workflow has fewer excuses, not more.
If Thrasher is the doctrinal opportunity, Mt. Hawley Insurance Co. v. Felman Production, Inc., 271 F.R.D. 125 (S.D. W. Va. 2010), is the doctrinal warning. Felman had produced a large ESI volume through vendor processing and Concordance and then sought to claw back a single sensitive email plus 377 other documents it claimed were inadvertently produced. Magistrate Judge Mary Stanley applied the five-factor reasonableness test under Federal Rule of Evidence 502(b) and concluded that Felman had waived privilege over the May 14 email because “Felman and Venable did not take reasonable steps to prevent disclosure of the May 14 email, that Felman and Venable have not satisfied all three subsections of Rule 502(b), and that they have waived protection for the May 14 email.” Mt. Hawley, 271 F.R.D. at 136.
The specific failings the court identified are the ones that matter for any AI-assisted workflow today. The court found that Felman had not performed quality-control sampling to test the reliability of the production, had not run simple keyword searches for known sensitive documents, had produced 377 privileged items in addition to the headline email, and had been notified of the inadvertent production by the opposing party rather than catching it in its own QC. Id. at 133–36. The unifying thread is the absence of human oversight as a check on a technical workflow. The court was not hostile to technology — it was hostile to the use of technology without a plan for testing whether the technology had actually worked.
Translated into the AI-privilege-log context, every Mt. Hawley failure has a direct analogue. A workflow that runs an LLM over a privilege population without sampling its outputs is the modern equivalent of running a keyword search without testing it. A workflow that lets the model’s draft descriptions flow straight into the logged production without an attorney reading them is the modern equivalent of relying on Concordance indexing and hoping the indexing was clean. The lesson of Mt. Hawley is not that automation creates waiver risk — it is that automation without a documented QC layer creates waiver risk. An AI-assisted privilege workflow that includes structured sampling, attorney review of borderline calls, and a written record of the QC steps is exactly the kind of workflow Mt. Hawley would have approved.
An LLM-drafted privilege description introduces two failure modes that did not exist in the traditional contract-reviewer workflow. The first is hallucination — the model generating language that is not grounded in the source document. In a privilege-log context, this typically looks like the model attributing the document to a person who is not actually copied on it, characterizing the legal subject matter in terms the document does not use, or labeling a communication as “in anticipation of litigation” when there is no contemporaneous indication of pending or threatened proceedings. None of those errors are visible to opposing counsel from the log entry alone. They become visible only when the underlying document is sampled, the underlying participant list is checked against the metadata, or a deposition exposes the inconsistency.
The second risk is the Rule 26(g) certification problem. Federal Rule of Civil Procedure 26(g) requires that every discovery response be signed by an attorney of record and certifies, after a “reasonable inquiry,” that the response is complete and correct. As Magistrate Judge Paul Grimm explained in Mancia v. Mayflower Textile Servs. Co., 253 F.R.D. 354 (D. Md. 2008), the rule was designed to make counsel “stop and think before acting,” and “the very act of making such boilerplate objections is prima facie evidence of a Rule 26(g) violation.” Id. at 357–58. Rule 26(g) does not contain an exception for descriptions written by a language model. The attorney signing the privilege log is certifying the AI’s output, which means the workflow has to make the human reviewer’s role meaningful rather than vestigial.
The failure mode to avoid is the rubber-stamp pattern, in which an LLM drafts ten thousand descriptions and an attorney scrolls through them in an afternoon and clicks “approve all.” That posture is functionally indistinguishable from the boilerplate-objection pattern Mancia condemned and the inadequate-supervision pattern that drove the waiver finding in Mt. Hawley. The Ninth Circuit’s four-factor privilege-log waiver test in Burlington Northern & Santa Fe Railway Co. v. United States District Court, 408 F.3d 1142, 1147 (9th Cir. 2005), reaches the same point from a different angle: boilerplate or under-particularized log entries are insufficient to assert privilege, and the court will not save the producing party from its own workflow choices. AI-drafted descriptions that are not validated by a human reader with subject-matter knowledge are, for these purposes, just a faster way to generate boilerplate.
A defensible AI-assisted privilege workflow has four moving parts. First, the LLM is constrained to extract its descriptive content only from the source document and its associated metadata — named individuals, dates, subject lines, custodian information, and quoted phrases must be verifiable against the file rather than generated from the model’s prior knowledge of the matter or the law. Second, every model output is graded for confidence, and any entry below a threshold is routed to a human reviewer with the underlying document open. Third, a structured sample of high-confidence entries is also routed to human review, so the QC layer is testing the model’s outputs across the full distribution rather than only the borderline calls. Fourth, the workflow logs every QC decision in a way that survives later challenge: who reviewed which entries, what they changed, and how borderline calls were adjudicated.
That four-part structure maps cleanly onto the controlling case law. The sampling and QC steps are the direct response to the Mt. Hawley failings — quality-control sampling, keyword testing of known sensitive documents, and proactive identification of waiver risks before opposing counsel finds them. The human-in-the-loop role at borderline confidence is the substantive “reasonable inquiry” that Mancia demands of counsel signing under Rule 26(g) — the attorney is doing real work, not certifying an output they have not seen. The audit log is the documentary record that lets the producing party demonstrate compliance if a challenge arises, and it is the same kind of record that Burlington Northern’s four-factor waiver test rewards: specificity in the description, timeliness in production, and a clear basis for the privilege claim. Burlington N., 408 F.3d at 1147.
The workflow should also be paired with a Federal Rule of Evidence 502(d) clawback order entered at the outset of the case. As the Advisory Committee observed and as Judge Andrew Peck has argued for years, a 502(d) order provides that disclosure does not waive privilege “regardless of the care taken,” which gives an AI-assisted workflow a legal safety net that the 502(b) reasonableness inquiry does not. A 502(d) order does not excuse sloppy practice — courts still expect the producing party to act reasonably, and as Mt. Hawley shows, a private clawback agreement that is not blessed as a 502(d) order may not survive a 502(b) challenge. But it is the single most important risk mitigation an AI-assisted privilege workflow should include.
DecoverAI’s privilege log generation product is built around the four-part workflow above. The platform runs an LLM-based classifier and description generator over the privilege population, grounds every description in extractable text and metadata from the source file, scores each output for confidence, and routes borderline calls and a structured sample of high-confidence entries to attorney review in the same UI where the underlying document is rendered. The reviewer’s edits are captured and logged; the audit trail is exportable as part of the production record. None of those steps are billed separately — privilege log generation is included in the platform’s flat $60/GB/month all-in price, with no per-entry charges and no per-user fees.
The cost-per-value math changes as soon as the per-entry billing line item disappears. On the same 10,000-entry log that costs $50,000 to $150,000 in the traditional workflow, the description-drafting cost on DecoverAI is effectively zero — what the firm pays for is the underlying GB-month and the attorney time spent on the QC layer, both of which are dramatically smaller than the line item they replace. In the Tax Credit Investigation matter, DecoverAI processed 30,000 documents in three days, including full privilege log generation, Bates stamping, and redactions. The client achieved a 98% cost reduction relative to the traditional vendor estimate, and the work product included a per-document privilege log produced through the workflow described above.
The thing to take away is that AI-assisted privilege logging is not a future capability waiting to mature — it is a present capability waiting to be paired with a defensible workflow. The doctrinal foundation is in place: SEC v. Thrasher sets the burden-vs-benefit test that justifies workflow-driven log structure, Mt. Hawley defines the QC obligations that any production workflow has to satisfy, Mancia defines the “reasonable inquiry” that Rule 26(g) requires of the certifying attorney, and Burlington Northern defines the four-factor adequacy test that any privilege log entry has to survive. A platform that integrates all four into a single workflow lets in-house counsel and outside litigators capture the cost savings without absorbing the risk.