Beyond DAISY, Legora and
the OpenAI partnership.
Dentons has the most sophisticated data-containment posture of any global firm — fleetAI's 30-day erasure, DAISY's model-agnostic control, an investment in “sovereign” Noxtua, and a direct OpenAI partnership that names data sovereignty and residency as the goal. Every one of those tools, though, still infers in someone else's datacenter. Cascadia is the next move the posture implies: inference on hardware the firm already owns.
| Tool | What it is | Where inference runs | On the firm's hardware? |
|---|---|---|---|
| fleetAI | Private GPT-4 chat + document Q&A (UKIME, Aug 2023) | OpenAI GPT-4 via Microsoft Azure · UK-hosted · 30-day erase | No — Azure cloud |
| DAISY | Model-agnostic GenAI platform (Europe + Central Asia, May 2025) | Router over third-party LLMs · hosting undisclosed | No public on-prem story |
| OpenAI partnership | ChatGPT Enterprise firmwide across UKIME (Dec 2025) | OpenAI cloud · pursuing UK data residency | No — vendor cloud |
| Noxtua | “Sovereign” European legal LLM (Dentons is an investor) | Sovereign EU cloud in every shipped deployment | Claims on-prem, but unelaborated |
| Legora | Agentic legal workspace, Europe-wide rollout (Jun 2025) | Microsoft Azure (Azure OpenAI) · pick a region | No — cloud only |
Every tool above runs inference in someone else's datacenter. Noxtua is the only one that even claims an on-prem option, and it's a single unelaborated sentence — every shipped deployment is a sovereign EU cloud (Deutsche Telekom, IONOS). Cascadia runs on the Intel AI PCs the firm already owns, in the firm's own room. The question stops being “EU or US datacenter?” and becomes “whose building is the GPU in?”
Data on the firm's own hardware, with no US provider in the chain, has no target for a CLOUD Act order or a FISA §702 directive — there is no covered provider to serve. Sovereign cloud from a US provider reduces routine egress but cannot sever that legal hook; Microsoft's own EU Data Boundary docs confirm Anthropic inference is processed in the US and is out of scope for the boundary. On-prem removes the hook entirely. (Stated narrowly: this is about removing the legal target, not declaring sovereign cloud worthless.)
DAISY is explicitly Europe + Central Asia; fleetAI and the OpenAI/Legora rollouts are UKIME / European. That leaves the Americas, APAC, Africa and the Middle East. And for hard data-localization regimes — Russia (242-FZ), China (CII + “important data”), India (RBI payments), Vietnam — foreign-cloud-only is non-compliant and in-jurisdiction inference is the clean path. A mesh of local machines deploys to any office, in any jurisdiction, with no new datacenter contract.
In US v. Heppner (SDNY, Feb 2026) a court held a litigant's exchanges with a consumer AI were not privileged — Dentons published its own client alert on it. ABA Formal Opinion 512 (2024) warns that self-learning GenAI “by their very nature” risk improper disclosure of one client's information “even … at the same firm,” and requires client informed consent that boilerplate cannot satisfy. A self-contained on-prem model that never pools or transmits inputs structurally avoids the cross-client-leak risk and can moot the consent trigger.
In August 2023 Dentons unwound the combination with its Chinese member firm Dacheng — citing, in its own words, an evolving environment around “data privacy, cybersecurity, capital control and governance.” A global firm concluded it could not keep an integrated data environment shared with offices under a strict data-localization regime, and restructured rather than risk it. The same conviction shows in the firm's investment in a “sovereign” European AI. Cascadia extends that instinct to its logical end: not a sovereign datacenter, but the firm's own machines.
- Cloud legal AI isn't “illegal” across APAC, the Gulf or India. Most of those regimes permit cloud with conditions (adequacy, SCCs, consent). The hard mandate applies only to the localization subset above — elsewhere the honest hook is friction and fragility, not prohibition.
- No US bar rule requires on-prem. The ethics argument is risk-reduction — shrinking the “reasonable care” surface and mooting Op. 512's consent trigger — not a mandate.
- Most M&A clean rooms are access-controlled virtual data rooms, not air-gapped laptops. The genuine air-gap case is classified / SCIF / IL6 work and (historically) ITAR technical data — where on-device inference is the only way to bring an LLM into the room at all.
- Noxtua and Microsoft's EU Data Boundary do reduce exposure. The claim is one of degree and legal-hook removal — on-prem > EU-sovereign cloud > US-provider sovereign region — not that everything else is theatre.
Four legal agents, every token inferred on-prem, every step showing the serving node and a signed receipt.
Sources, dates and confidence flags for every claim on this page are in docs/DENTONS-BRIEFING.md. Demo data is synthetic and illustrative.