MICKAI
Article · 2 July 2026

Privileged review without waiving privilege: sovereign AI for legal teams

Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. This is how it runs legally privileged review without ever letting the material leave the building.

Privileged review without waiving privilege: sovereign AI for legal teams
Author
Micky Irons
Published
2 July 2026
Follow Micky Irons
LinkedInX
sovereign AIlegal privilegeprivileged reviewcomplianceaudit record

Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. That single fact reshapes how a legal team can run privileged review. When the material is privileged, the model that reads it cannot sit in someone else's cloud, cannot log to a vendor's servers, and cannot leave the perimeter. We built for exactly that constraint.

Why privileged review breaks the public cloud model

Legally privileged material is the sharpest test of any AI deployment. Attorney work product, litigation strategy, board advice, and regulatory correspondence carry protections that evaporate the moment a document is shared with a third party who has no need to see it. A public cloud AI service is, in law and in practice, a third party. Sending privileged text to it can waive the very privilege the review was meant to protect, and it exposes the firm to obligations under UK GDPR special category data handling and, for cross-border matters, the US CLOUD Act.

We designed around this rather than apologising for it. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. Privileged documents are read, classified, and summarised by models that never leave the building. There is no vendor endpoint to subpoena, no third-party log to disclose, and no shared tenancy to reason about. The privilege stays intact because the data never moves.

Astraea: the legal studio

Our legal work runs in Astraea, the studio dedicated to legal analysis and compliance. It reads contracts, correspondence, filings, and disclosure sets, then produces structured output a qualified lawyer can check: privilege calls with reasons, issue tagging, clause extraction, and cross-references to the source passages. Astraea does not replace judgement. It gives a reviewer a defensible first pass over volumes that no team can read line by line in the time available, and it shows its working so every call can be audited.

Underneath, we run about fifty specialist models, twenty-five domain and twenty-five operational, with cross-model routing under a deterministic arbiter. The arbiter matters for legal work. Because routing and adjudication are deterministic, the same document produces the same output. A privilege determination is reproducible, not a fresh roll of the dice each time counsel reruns the set. That reproducibility is what lets a firm stand behind an AI-assisted review in front of a regulator or a court.

The Open Audit Record

Reproducibility is necessary but not sufficient. A review has to be provable after the fact. Every consequential action inside our system is written to the Open Audit Record. Each entry is signed under post-quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash-chained into a tamper-evident, append-only ledger. Anyone can verify that ledger offline, for decades, without trusting us as the vendor.

For privileged review this is decisive. When a document is marked privileged, withheld, or released, the record shows what was decided, by which model path, against which source text, and at what time, in a form that cannot be quietly rewritten. If disclosure is later challenged, the firm produces a chain of evidence rather than a promise. We also offer this capability on its own, as OAR-as-a-Service, for teams that want the audit ledger around processes we did not build.

Where legal review sits in the wider system

Astraea does not work alone. Nomos handles compliance mapping, Aletheia runs audit, and Trust Agent holds the perimeter so that only authorised users and processes touch privileged stores. For firms operating across sites, Pantheon, our post-quantum Layer 1 on testnet, gives multi-node attestation across fielded units with no central server, so each location can prove the integrity of its own records without phoning home. The legal studio is one instrument in a system built for regulated work end to end, from underwriting in Tyche to clinical review in Panacea to financial planning in Plutus.

The market that cannot use public cloud AI

Privileged review is one acute case of a much larger constraint. The sovereign AI market is roughly USD 40 billion in 2025, rising to about USD 148 billion by 2032. Around 0.85 million UK businesses, about fifteen percent, and roughly five million across the EU, legally cannot send data to public cloud AI at all. The drivers are concrete: PRA model-risk expectations (SS1/23), UK GDPR special category data, the NHS Data Security and Protection Toolkit, the EU AI Act high-risk classification, ITAR and EAR, the NIS Regulations, and the US CLOUD Act. Law firms and in-house legal functions sit squarely inside this population, alongside banks, insurers, hospitals, and defence suppliers.

Our wedge follows from this. We sell sovereign AI to regulated firms the public cloud cannot lawfully reach, and we license the patented stack to the platforms that want to reach them. Internal analysis maps 196 companies and 311 patent-company pairs as potential licensees, including names such as Microsoft, AWS, NVIDIA, Google, Adobe, and IBM. That is potential-licensee sizing, not a signed book and not an infringement claim. A platform that adds a sovereign layer instantly reaches the regulated market it cannot serve today. We are an ally to the AI majors, not an adversary to them.

The intellectual property behind it

The architecture is protected. We hold 104 filed UK patent applications, roughly 2,340 claims, across 13 invention families, owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These are filed, not granted. Filing establishes priority and builds a prior-art moat around the sovereign design, the audit record, and the deterministic routing that make privileged review defensible. Mickai LTD is a UK company (Companies House 17166618), with Birmingham manufacturing secured, led by founder and chief executive Micky Irons.

What a legal team gets

For a firm handling privileged material, the offer is simple to state. The review runs on your hardware, so privilege is never waived by transmission. The models are deterministic, so the output is reproducible and can be stood behind. Every consequential action is signed and hash-chained, so the review is provable years later without trusting us. And the whole system was built for regulated work, not adapted to it after the fact. Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at micky@mickai.co.uk or on LinkedIn.

Does using an AI model for privileged review waive privilege?

It can, if the material is sent to a third party such as a public cloud AI service. Our system removes that risk because it runs entirely on the customer's own hardware, air gapped, with zero data egress. The privileged text never leaves the perimeter, so there is no third-party disclosure to trigger a waiver.

How can a firm prove what the AI decided during disclosure?

Through the Open Audit Record. Every consequential action is signed under post-quantum cryptography and hash-chained into an append-only ledger that anyone can verify offline for decades. If a privilege call is later challenged, the firm produces a tamper-evident chain of evidence rather than an unverifiable assurance.

Are the outputs consistent enough to rely on?

Yes. We route across about fifty specialist models under a deterministic arbiter, so the same document produces the same result. That reproducibility is what allows an AI-assisted review to be defended in front of a regulator or a court, rather than treated as a one-off that cannot be reconstructed.

Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/legal-privileged-review. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles