Not every AI interaction in litigation is automatically shielded. A Colorado federal court’s March 2026 ruling in Morgan v. V2X confirms that while the work-product doctrine can protect a litigant’s use of AI tools, the protection is not absolute — and a party who cannot demonstrate that identifying the specific AI platform would reveal mental impressions or litigation strategy may be ordered to disclose which tool they used. The case also produces one of the first court-ordered AI data-handling provisions in discovery law.
Background and Facts
Archie Morgan, a pro se litigant, brought suit against V2X, Inc. in the District of Colorado. In the course of litigation, it emerged that Morgan had used AI tools to assist with the preparation of his case. The defendants sought discovery on the question: specifically, they wanted to know which AI platform Morgan had used. Their argument mirrored the approach taken by the defendants in Warner v. Gilbarco — that AI-related materials were not entitled to work-product protection, and that the identity of the AI tool was therefore a proper subject of discovery.
The court, however, began its analysis from a different starting point. Rather than treating work-product protection as inapplicable to AI interactions categorically, it asked the same question it would ask of any asserted work product: does the specific material sought reveal the litigant’s mental impressions, strategy, or legal thinking? The court found that the work-product doctrine under FRCP 26(b)(3) can, as a matter of legal principle, protect a pro se litigant’s use of AI tools. This was a significant concession to the pro-protection position and an important doctrinal development for self-represented parties.
But the court then turned to the specific facts. Morgan had not demonstrated, with particularity, that identifying which AI platform he had used would reveal anything about his mental impressions, litigation strategy, or legal theories. The name of a tool — ChatGPT, Claude, Gemini, or any other — is not, by itself, opinion work product. The court therefore ordered Morgan to disclose the identity of the AI platform he had used, while making clear that this disclosure obligation did not extend to the content of his interactions with that platform.
What the Court Decided and Why
The court’s decision operates on two distinct levels, and it is important to hold them separately.
At the doctrinal level, the court affirmed that FRCP 26(b)(3) work-product protection is available to pro se litigants — not merely to parties represented by counsel — and that it can, in principle, extend to AI-related litigation preparation. This matters because it closes off the argument that pro se parties, lacking a formal attorney-client relationship and the associated privilege, are also excluded from work-product protection. Work-product doctrine protects the process of litigation preparation, not merely the attorney-client relationship, and the court correctly extended that logic to unrepresented parties.
At the factual level, however, the court found Morgan’s specific claim insufficient. He had not shown that the mere identity of the AI platform he used was itself protected. The analogy would be a represented party asserting that the identity of the legal research database their attorney used — Westlaw or LexisNexis — was work product. The name of the tool, absent more, does not reveal strategy. Morgan was therefore ordered to identify the platform.
The more practically significant portion of the ruling concerned the court’s amendment of the existing Protective Order. The court imposed three specific conditions on any party wishing to use AI tools in connection with Confidential Information produced in discovery. The AI service provider must be contractually barred from training on user inputs. The provider must limit disclosure of inputs to what is strictly necessary for service delivery. And the provider must permit deletion of uploaded information upon request. These three conditions collectively address the core data-security concern that makes mainstream generative AI tools — in their standard configurations — unsuitable for use with sensitive litigation materials.
The Principle Established
The holding in Morgan v. V2X refines and contextualises the broader principle that AI use in litigation can attract work-product protection. Protection is available, but it is not automatic and it is not unlimited. A litigant asserting work-product protection over AI-related materials must demonstrate, as with any claimed work product, that the specific materials sought would reveal mental impressions or litigation strategy. The name of an AI platform, standing alone, does not meet that standard.
The Protective Order amendment is perhaps the more durable contribution of the case. It provides a judicial template for how AI tools can be used in the context of discovery materials: closed platforms with contractual non-training commitments, limited disclosure, and deletability. Open AI tools — those that train on user inputs, retain data indefinitely, or cannot guarantee deletion — do not meet this standard and are effectively barred from contact with Confidential discovery materials under the amended order.
Practising lawyers should note that this framework imposes obligations that go beyond merely choosing a “private” or “enterprise” subscription. The conditions require contractual assurances from the provider — terms of service provisions, data processing agreements, or equivalent commitments. Due diligence on the AI vendor’s data practices is now a discoverable litigation risk, not merely a matter of internal firm policy.
The India Angle
The three-part AI vendor framework mandated by the Morgan court aligns closely with the principles that Indian advocates must already apply under the Bar Council of India Rules on professional conduct and under the emerging framework of the Digital Personal Data Protection Act, 2023. The DPDPA requires that personal data be processed only for the purpose for which it was collected, that processing be limited to what is necessary, and that data fiduciaries implement technical and organisational safeguards. An AI vendor that trains on client data, retains it indefinitely, or cannot support deletion would fail these requirements under Indian data protection law, just as it would fail the Morgan court’s conditions under American discovery law.
For advocates in India, the more immediate practical implication concerns vendor due diligence. Indian law firms and individual advocates who use AI platforms for client-related work should, at a minimum, review the relevant terms of service to confirm: whether the platform trains on inputs submitted by subscribers; what the data retention policy is; and whether deletion of submitted data can be guaranteed. The absence of such contractual assurances is not merely a professional ethics risk — it may, as the DPDPA framework develops and its implementing rules are notified, constitute a violation of the Act’s data minimisation and storage limitation principles.
Case Details
| Case Name | Archie Morgan v. V2X, Inc. |
| Court | United States District Court, District of Colorado |
| Decision Date | 30 March 2026 |
| Key Issue | Whether work-product protection covers a pro se litigant’s AI use; whether identity of AI platform is discoverable |
| Holding | FRCP 26(b)(3) can protect pro se litigant’s AI use; but bare platform identity is not opinion work product — plaintiff ordered to disclose which AI tool was used |
| Protective Order Amendment | AI tools used with Confidential discovery materials must: (1) be contractually barred from training on inputs; (2) limit disclosure of inputs to service necessity; (3) permit deletion of uploaded data |
| Significance | Establishes that AI work-product protection requires a particularised showing; creates first judicial AI data-handling framework for discovery materials |