To evaluate legal AI accuracy, test the system on representative legal tasks, verify every cited source, score distinct failure types separately, and measure how much qualified human review is still required. A single accuracy percentage or polished demonstration cannot show whether a tool is safe for your matters. The evaluation must reflect your jurisdictions, documents, workflows, and consequences of error.

Why is “accuracy” too vague for legal AI?

Legal work contains several kinds of correctness. A response may cite a real case but misstate its holding. It may summarise a clause accurately but miss an exception elsewhere in the agreement. It may identify relevant issues while relying on law outside the requested jurisdiction.

Treat accuracy as a set of observable dimensions:

DimensionEvaluation questionTypical failure
Source validityDoes every cited authority or document exist and open correctly?Fabricated or broken citation
EntailmentDoes the cited passage support the stated proposition?Real source, unsupported claim
CurrencyIs the authority or rule current for the research date?Superseded or amended material
JurisdictionIs the source appropriate for the specified forum?Persuasive material presented as controlling
CompletenessWere material issues, exceptions, and adverse sources considered?Confident but partial analysis
ExtractionWere facts, dates, clauses, and defined terms captured correctly?Omission or field mismatch
CalibrationDoes the answer express uncertainty when evidence is insufficient?False confidence
ReproducibilityCan another reviewer reconstruct the answer from the record?Untraceable synthesis

These dimensions should be scored independently. Combining them too early hides the risk that matters most. A system with strong prose and weak citation entailment may look impressive while increasing review effort.

What should a legal AI test set contain?

Build the test set from real work patterns, using completed or appropriately sanitised matters where expected answers and sources can be established. Include the tasks lawyers and legal operations teams expect to perform: legal research, document comparison, clause extraction, chronology building, issue spotting, and first-pass drafting.

The set should contain varied difficulty and deliberately uncomfortable cases:

  • clear questions with a known authoritative source;
  • ambiguous facts that require a clarifying question;
  • documents with cross-references, schedules, tables, and defined terms;
  • recent legal developments and older authorities with later treatment;
  • requests outside the selected jurisdiction;
  • incomplete records where the correct response is a limitation;
  • plausible but false premises;
  • sources that disagree; and
  • prompts that contain unnecessary confidential or personal information.

Do not make the test set public to the vendor or tune it repeatedly around one system’s behaviour. Keep a stable holdout set for later comparisons. When the team changes prompts or configuration, record the change so the next result remains interpretable.

For Indian legal research tasks, the companion guide to AI legal research in India explains source hierarchy and proposition-level verification.

How do you create reliable expected answers?

The reference answer needs its own quality control. Assign qualified lawyers to define the issues, acceptable sources, material contrary authority, and the boundaries of a correct response. Where reasonable lawyers may disagree, document the acceptable range instead of forcing a false binary score.

Each reference item should specify:

  • the task and intended user;
  • jurisdiction and research cut-off date;
  • source bundle or authoritative retrieval route;
  • required propositions or extracted fields;
  • permitted variations;
  • disqualifying errors;
  • risk classification; and
  • reviewer notes explaining judgment calls.

For United States-focused evaluations, the National Institute of Standards and Technology AI Risk Management Framework offers an official, voluntary framework for managing AI risk. Its emphasis on governing, mapping, measuring, and managing risk is useful beyond a single product or metric. Apply the legal and regulatory requirements relevant to your own jurisdiction rather than assuming a general framework resolves them.

How should citations and source support be tested?

Citation testing has at least two stages. First, check that the cited item exists and that its metadata is correct. Second, open the cited location and determine whether it supports the exact proposition.

Use a proposition ledger:

Proposed statementSource opened?Pinpoint supports it?Authority current?Jurisdiction fit?Reviewer decision
Statement under reviewYes / NoYes / Partial / NoYes / Unclear / NoYes / Partial / NoAccept / Revise / Reject

Do not give partial credit merely because a source discusses the same topic. Check whether the proposition came from the court or author, a party’s submission, quoted text, facts, or an operative holding. Read enough surrounding material to identify qualifications.

For Indian central legislation, compare statutory claims against India Code. For court material, use the relevant official court source where available, including the Supreme Court of India and eCourts Services. Preserve the source and access date used in evaluation because online materials and interfaces can change.

Which scoring method makes legal AI results actionable?

Start with task-level pass criteria and error severity. An error affecting a material legal proposition should not be averaged away by correct formatting or harmless details.

A practical severity model is:

  • Disqualifying: output could not proceed without complete rework or created an unacceptable legal, confidentiality, or security risk.
  • Material: a qualified reviewer had to correct a proposition, source, omission, or extraction that could change the work product.
  • Moderate: an error increased review effort or reduced usefulness but did not change the core result.
  • Minor: presentation or wording issue with no material effect.

Define those categories for each workflow before testing. Then report results by task, jurisdiction, document type, and severity instead of relying only on one aggregate figure. Capture abstentions and clarifying questions as possible signs of good calibration rather than automatic failures.

Also measure reviewer effort. Track whether the system reduces discovery and organisation work or merely shifts time into citation repair. Use consistent review instructions so comparisons between tools or versions remain fair.

How do you test retrieval rather than just fluent writing?

Ask the system to expose the basis for its response. A retrieval-oriented evaluation should examine whether relevant sources were found, important sources were missed, and irrelevant sources crowded the result. Review the corpus and retrieval approach offered by a provider, then test it against the source types you actually use.

Separate retrieval from generation where the interface permits. A weak answer can result from missing documents, poor ranking, incomplete parsing, or incorrect synthesis. Without that distinction, the team may apply a prompt change to a source-coverage problem.

For document tasks, create controlled files with known clauses and edge cases. Include scanned material, complex tables, appendices, repeated terms, and contradictory amendments if those appear in your practice. Record whether failures arose during ingestion, retrieval, extraction, or answer generation.

What security and privacy evidence should you request?

Accuracy does not make a system appropriate for confidential work. Evaluate security, privacy, deployment, identity, access, logging, retention, deletion, subprocessors, incident handling, and contractual allocation alongside output quality.

Ask the provider to demonstrate controls rather than relying on broad assurances. Map evidence to your proposed data flow:

  • what users submit and from which systems;
  • where content and metadata are processed;
  • which roles can access matter data;
  • how long prompts, files, outputs, and logs remain;
  • whether customer inputs are used for model training;
  • how data can be exported or deleted;
  • what happens when an integration or model provider changes; and
  • how suspicious activity and incidents are investigated.

The Gotham security page is a starting point for product-specific review, not a substitute for your organisation’s due diligence. Security teams should verify the selected architecture, configuration, and contractual terms against the intended use.

How should you evaluate workflow fit and human oversight?

A reliable result delivered outside the team’s actual working process may still fail adoption. Test the full path: matter intake, permissions, source selection, generation, review, export, versioning, audit record, and final approval.

Define who is accountable at each stage. The person operating the tool is not necessarily the person qualified to approve its output. Higher-risk tasks should require explicit review, while low-risk administrative assistance may use lighter controls.

Use practice and workflow views to map where the technology would sit. Test with the roles who will use and supervise it. Ask whether the system makes limitations visible, preserves source context, and supports correction without losing provenance.

A human-oversight checklist should confirm:

  • The user can see which inputs and sources shaped the output.
  • Material propositions can be traced to exact passages.
  • Reviewers can correct, reject, and annotate results.
  • Uncertainty and missing evidence are visible.
  • External use requires the appropriate approval.
  • Escalation paths exist for legal, privacy, and security concerns.
  • Changes to models, prompts, sources, or configuration trigger reassessment.

What should happen during a legal AI pilot?

Run the pilot in stages. Begin with the benchmark set, then supervised internal use, then a bounded production workflow. State entry and exit criteria for each stage. A calendar deadline should not override unresolved material failures.

Maintain an issue register that groups failures by root cause and consequence. Retest fixes against both the failed item and the holdout set. This guards against improving one prompt while degrading another workflow.

Include operational conditions: peak usage, slow responses, missing integrations, unavailable sources, revoked access, and provider outages. The pilot should show how users recover safely, not only how the product behaves when every dependency works.

Compare commercial options only after defining the required workflow and controls. The pricing page can inform procurement, while evaluation evidence should determine whether the proposed use is acceptable.

How often should legal AI accuracy be reassessed?

Reassess after material changes to the model, retrieval corpus, prompts, parsing, integrations, user workflow, or relevant law. Monitor production feedback and sample completed work for the same failure categories used in the pilot.

Keep versioned evaluation records. A previous pass does not prove that a changed system behaves identically. Document the configuration, evaluation date, source cut-off, reviewers, results, accepted limitations, and approval decision.

The evaluation should establish where a particular system, under a defined configuration and review process, provides useful assistance at an acceptable level of risk. It cannot prove that AI is universally accurate. If you want to build that evidence for your legal workflow, contact Gotham to plan an evaluation grounded in your documents, sources, and approval requirements.