A Texas business court held that a company executive’s ChatGPT conversations about his own case are protected work product — then ordered him to identify every produced document he fed into the tool, including material covered by the protective order. It is the first state-court decision in this spring’s AI work-product line, and the first to flag protective-order breach as a separate, still-open question.
Case: Tate Grp. Auto., LLC v. Legacy Auto. Cap., LLC, No. 25-BC11B-0020 Court: Texas Business Court | Decision: June 3, 2026 | Judge: Grant Dorfman
By Kelly Twigger
Podcast | Transcript
A work product win, with a catch
On June 3, 2026, in a minute entry following an in-camera review, Judge Grant Dorfman of the Business Court of Texas held that a company executive’s ChatGPT conversations about his own litigation are protected attorney work product. That is the headline, and it is a win for the party. But it comes with two things every litigator needs to read carefully: an inventory obligation most practitioners have not priced in, and an open protective-order question that sits inside nearly every order on file today.
This is the fifth decision this spring to take up AI and work product, and the first from a state court. The episode walks through what the court held, why it held it, the inventory the court ordered, and the question Judge Dorfman flagged on his way out the door.
Case of the Week
Where Tate fits in the line of cases
Across every AI-in-discovery ruling this year, the dispositive question has been the same: not what the AI did, but who was at the keyboard, and why. We have been building this body of law across several Case of the Week episodes.
In Warner v. Gilbarco and Morgan v. V2X, the user was a pro se litigant acting as both party and advocate. Work product applies, and feeding material into an AI tool is not a waiver, because waiver of work product requires disclosure to an adversary — and an AI tool is not the other side. That is the rule. In United States v. Heppner, the user was a represented party operating outside his lawyer’s direction. No protection. That is the exception. And in Conservation Law Foundation v. Shell, the user was a testifying expert, and the court held the expert’s AI methodology — including the prompts — discoverable under Rule 26.
Tate is the case that had both the rule and the exception sitting on the desk, and had to choose. It chose the rule.
What the court held
The court adopted Gilbarco and Morgan by name, expressly disagreed with Heppner, and held the chats protected. The critical part is why.
Those were all federal cases, decided under the federal work product rule, Rule 26(b)(3). Texas has its own work product rule, Rule 192.5, and it is broader. It protects material prepared and mental impressions developed in anticipation of litigation “by or for a party” — not by or for a lawyer. Kris Tate is a party. His litigation-related ChatGPT conversations are the mental impressions of a party in anticipation of litigation, and they fit inside the rule on its face.
That is the entire reason the chats are protected here. Mr. Tate was a represented party using AI on his own — not pro se, and not at the direction of counsel. Run that same fact pattern in federal court and it looks like Heppner, which lost. The word “party” in Texas Rule 192.5 is what carries this result, and that language is an outlier, not the norm. The practical consequence: do not assume Tate travels outside Texas, and do not wield it as leverage in a federal matter, where a court will not appreciate case law argued on a rule that does not apply.
The inventory obligation
Protecting the content of the chats was only half the ruling. The court held that work product protection “extends only so far,” and — reasoning from Morgan, which required a party to disclose the identity of the AI tool it used — ordered Tate Group to identify, by Bates number, every produced document it had fed into ChatGPT, including material produced under the protective order.
Keep the two halves separate, because litigators need to. The substance of what the executive asked ChatGPT — the analysis, the strategy, the mental impressions — stays protected. The inventory of which produced documents went into the tool does not. If a produced document touched an AI platform, you should assume you will have to account for it.
There is a flip side worth holding onto. The other side’s input list is intelligence. It tells you which documents they thought mattered and what questions they were asking, which is a deposition waiting to happen.
The open question: protective-order breach, not waiver
Here is where it is easy to think we have already answered the question about waiver. We have answered part of it. Morgan settled waiver: putting work product into an AI tool does not waive it, because an AI vendor is not an adversary. That is decided.
But a protective order does not measure “disclosure” by adversary status. It bars disclosure of Confidential Information to anyone outside a defined list of permitted recipients — counsel, experts, the court, support staff. That is a far wider net. So the question Tate surfaces is different: not whether AI use waived work product — it did not — but whether feeding produced documents into a third-party AI tool breaches the protective order itself. Same word, “disclosure,” two different standards. The court ordered the inputs identified and said it would “be prepared to address any potential violations of the Protective Order’s terms if and when they may be shown to have occurred.” Flagged, not decided.
It helps to see what Morgan actually did. Its clauses — no training on inputs, no onward disclosure, deletion on demand — were a prospective fix: how to write the order going forward so that AI use is bounded and permissible. They do not resolve Tate‘s situation, which is confidential data already sitting in the tool, fed in under an order that never mentioned AI. That exposure is widespread. Parties have been pasting confidential documents into these tools since 2022, under protective orders signed years before anyone was thinking about large language models.
And here is why the question is genuinely contestable rather than obvious. A review platform sorts and filters your data. A generative tool creates new content from it, and may retain it or train on it. It is not passive infrastructure. That generative step is what makes the “it’s just a tool, like cloud storage” defense weak — and it raises a further question no court has reached: if the tool generates new content out of your confidential documents, is that output discoverable?
What to do this week
Audit the word “disclose” in your active protective orders. Ask whether it reaches an AI tool. If you cannot answer that with confidence, neither can the judge, and that uncertainty is risk exposure you are carrying for free. Bring AI-specific language to the next negotiation, and amend existing orders where a matter is active and AI is in play.
- Keep a record of what you put into AI. The chats may be privileged; the inventory of documents you fed the tool increasingly is not. Track what was used, on what platform, on what data — both to prove protective-order compliance and to mine the other side’s input list if you can get it.
- Triage by matter. A five-year-old case with discovery closed may not need an amendment. An active discovery matter with people using AI does.
- Do not over-read Tate. It is a Texas-rule decision. Run the federal analysis on your own facts, and do not rely on it outside Texas.
What to watch
Tate is a minute entry, not a written opinion, and the protective-order breach question is reserved, not resolved. Watch for whether the court reaches it once the input inventory is produced — that is the first time a court will squarely decide whether sharing produced documents with an AI tool violates an order that never contemplated one. And watch the federal gap: a represented party’s solo, uninstructed AI use has not been protected in federal court, which is exactly the profile that won here only because of the Texas rule.
Listen to the full episode
This week’s Case of the Week segment of the Meet and Confer podcast walks through Conservation Law Foundation v. Shell in detail, including the full analysis of the publicly available briefs from the parties’ letter briefing and CLF’s Rule 72(a) Objection. Listen on Meet and Confer
See Minerva26 in action
Minerva26 is the discovery intelligence platform that connects case law, rules, and real-world workflows. We curate and tag close to 50,000 discovery decisions by issue, so when you are preparing for a meet-and-confer, drafting a Rule 29 stipulation, or building an opposition to a motion to compel expert AI use, the rulings you need are already organized for you. Book a 30-minute demo
Related on Minerva26: Warner v. Gilbarco · Morgan v. V2X, Inc. · United States v. Heppner · Conservation Law Foundation v. Shell
This decision is available on the Minerva26 platform with full issue tagging. If you’re a litigator navigating discovery strategy and want to stay ahead of decisions like this one, visit Minerva26.com to learn more or schedule a demo. Every decision covered on Case of the Week is searchable by issue, jurisdiction, and judge.
If it’s about the discovery of ESI, it’s covered in Minerva26, your discovery strategy platform.
- 📩 Get the newsletter
- 🎧 Listen to Meet and Confer
- 🔁 Share this post on LinkedIn
