Harvey AI Details Zero-Access Data Architecture as Legal Tech Race Heats Up
Summary
Harvey, a $5 billion legal AI platform, has published a detailed overview of its data security architecture, emphasizing a “zero data access” approach. This means customer data – inputs, outputs, and uploaded documents – remains inaccessible to Harvey’s own staff, enforced through role-based access controls and network segmentation. A key feature is Bring Your Own Key (BYOK) encryption, allowing customers to manage their own encryption keys and revoke access at any time, immediately rendering data inaccessible.
The company utilizes TLS 1.2+ encryption for data in transit and AES-256 encryption at rest, with documents decrypted only in memory during processing and then destroyed after defined retention periods. Harvey also employs an ephemeral processing model, where data is assembled only for the duration of a request and deleted afterward, preventing data contamination or use in model training.
This disclosure comes as Harvey expands globally, with new offices in Singapore, Sydney, and Bengaluru, and as it integrates with platforms like Box. The move is designed to appeal to risk-averse enterprise clients, such as HSBC, Bridgewater, and NBCUniversal, who are demanding robust security measures before adopting AI tools. Harvey’s transparency is setting a new benchmark for data security in the competitive legal tech landscape.
(Source:Blockchain News)