Privileged Communications + ML-DSA-65: A Practical Primer

Published: April 2026 | 8 min read

Attorney-client privilege protects communications between a lawyer and client from disclosure. The privilege is substantive—it doesn't protect the underlying facts, only the communications themselves. But privilege also assumes confidentiality. If a privileged email is intercepted, altered, or forged, the privilege may be waived or the evidence deemed unreliable.

Post-quantum cryptography, particularly ML-DSA-65 signatures combined with Sovereign Receipts, strengthens privilege protection in three ways: (1) non-repudiation (proof the communication came from the claimed sender), (2) non-tampering (proof the communication was not altered in transit), and (3) quantum-resistance (proof the communication is protected against future cryptanalytic break).

"Privilege + cryptographic proof = the highest confidence in the authenticity and integrity of the attorney-client record."

The Three-Layer Model

Layer 1: Encryption (Confidentiality). The communication is encrypted end-to-end using AES-256-GCM. Only the attorney and client can decrypt it. Even if an adversary intercepts the email in transit, they see ciphertext, not plaintext. This is standard TLS + S/MIME today, but the next step is post-quantum encryption (ML-KEM-768), which is resistant to quantum decryption retroactively.

Layer 2: Signature (Non-Repudiation & Integrity). The communication is signed with the sender's ML-DSA-65 private key. The recipient verifies the signature using the sender's public key. This proves: (a) the message came from the sender (they control the private key), and (b) the message was not altered after signing. Even if an adversary steals the email, they cannot forge a valid signature without the private key.

Layer 3: Timestamped Receipt (Proof of Standing). The communication passes through the Clearing House. The Clearing House issues a Sovereign Receipt, signed with its own ML-DSA-65 key and timestamped to the blockchain. This proves: (a) the communication arrived at the specified time, (b) the Clearing House verified the sender's identity, and (c) the communication is now on an immutable public ledger. This receipt is admissible as a business record and a cryptographic proof artifact.

Privilege Waiver & Inadvertent Disclosure

Privilege can be waived if an attorney or client inadvertently discloses a privileged communication. Federal Rule of Evidence 502(b) provides a qualified waiver: inadvertent disclosure does *not* waive privilege if the holder took reasonable precautions and promptly notified the disclosing party. Cryptographic evidence strengthens your "reasonable precautions" argument. If you can show that:

All privileged communications are encrypted (AES-256-GCM).
All communications are signed (ML-DSA-65) to prevent tampering.
All communications are logged to the Clearing House with immutable receipts.

Then, if a disclosure occurs, you have a paper trail proving you took reasonable precautions. The cryptographic evidence also makes it easier to *detect* inadvertent disclosure (the signature or receipt will be missing or altered if the email was intercepted mid-transit), allowing you to issue a prompt notice.

The Privilege Log

A privilege log lists all privileged documents withheld in discovery, citing the basis for privilege. Traditionally, a privilege log is a spreadsheet: document ID, date, subject, privilege type, brief description. Modern privilege logs can now include cryptographic attestation. For each privileged document, include:

Document ID + date
Privilege type (attorney-client, work product, etc.)
Brief description
Sovereign Receipt ID (the receipt hash proving timestamp and sender identity)
Signature verification URL (a link that allows opposing counsel to verify the receipt offline against the Clearing House's public key)

This transforms your privilege log from a *claim* of authenticity into a *proof* of authenticity. Opposing counsel can verify each receipt independently, without your involvement. Trust is replaced with mathematics.

Multi-Party Communications

Privilege gets complex when multiple parties are copied: client, attorney, accountant, co-counsel, etc. The privilege is waived if a non-privileged party (the accountant, outside counsel) is included without proper scope definition. ML-DSA-65 signatures help here by making the privilege scope explicit:

The email is signed by the primary attorney.
The Clearing House receipt lists the verified recipients (client, co-counsel with privilege scope).
The receipt includes the signature of each *authorized* recipient, confirming they received the privileged communication within scope.
If an unauthorized party (the accountant) requests the email, you can produce the receipt showing they were never a party, strengthening the waiver defense.

Practical Workflow: Privileged Email + ML-DSA-65

Step 1: Draft privileged email. Attorney writes email to client on subject of legal advice.
Step 2: Sign + Encrypt. Email client (Outlook, Gmail plugin) signs the email with the attorney's ML-DSA-65 certificate and encrypts with the client's public key (or shared symmetric key).
Step 3: Send to Clearing House. Email is sent to the client *and* forwarded to a privileged-log inbox connected to the Clearing House.
Step 4: Receive Sovereign Receipt. Clearing House issues a timestamped receipt, signed with ML-DSA-65, and stores the email hash on the ledger.
Step 5: Archive. Email and receipt are stored in the firm's document management system (DMS) with the receipt ID linked to the privilege log.
Step 6: Discovery. When discovery requests come, your privilege log cites the receipt ID. Opposing counsel can verify the receipt offline, confirming the email's authenticity without additional effort.

"Privilege used to be a claim. Now it's cryptographic fact."

Next Step: Read the Clearing House guide for implementing Sovereign Receipts in your privilege log workflow. Or subscribe to Legal Sovereign for updates on privilege law and post-quantum readiness.