How DDEAS prevents the Mata v. Avianca scenario

In a companion essay, I walked through Mata v. Avianca — the New York attorney who filed a brief citing six federal cases that ChatGPT had invented, the resulting $5,000 sanction, and the precedent that now informs every state bar's AI ethics guidance.

The lesson of that case is not that lawyers should avoid AI. The lesson is that lawyers using AI need defensibility infrastructure that the consumer tools fundamentally cannot provide.

This is how DDEAS — the Discover Docket Ethical and Accountability Standards — was designed to make the Mata scenario structurally impossible.

The four failures behind Mata

When Schwartz filed that brief, four things went wrong in sequence. Each one is a separate failure. Each one needs a separate defense.

Failure 1: No source validation. ChatGPT produced citations that looked authentic. Nothing in the tool's workflow forced an independent check against the actual case databases (Westlaw, Lexis, PACER) where the cases would have existed if they were real. The verification step never happened.

Failure 2: No confidence scoring. Every citation ChatGPT produced was presented with equal authority. There was no internal flag, no probability score, no warning that one citation was less certain than another. Schwartz had no signal to know which outputs needed more verification than others.

Failure 3: No audit trail. When the cases turned out to be fake, there was no contemporaneous record of what ChatGPT had been asked, what it had returned, or when. The hearing reconstructed the workflow from memory and screenshots — there was no defensible evidence of the actual process.

Failure 4: No chain of custody. Even if a record had existed, there was no way to prove it hadn't been altered after the fact. Anything Schwartz produced to the court was a snapshot of a system he himself controlled.

These are not theoretical gaps. These are the exact gaps that produced a sanction. Any AI tool used in legal practice that doesn't close all four is reproducing the conditions of Mata v. Avianca.

How DDEAS closes each gap

DDEAS is a four-layer framework. Each layer corresponds to one of the four failures.

Layer 1: Source validation against current law. Before any citation JILL produces is shown to you, the citation is checked against the authoritative case databases for your jurisdiction. If the case doesn't exist, it doesn't appear. If the citation is slightly off — a misnumbered volume, a transposed reporter — the citation is auto-corrected or surfaced as needing review. The hallucinated case never gets to your screen because the validation layer is the gatekeeper.

This is the structural difference between Discover Docket and generic AI. A consumer chatbot validates nothing. JILL cannot return a citation that hasn't cleared validation.

Layer 2: Confidence scoring on every output. Every legal proposition, every citation, every fact assertion that JILL produces carries an explicit confidence score (0-100). A high score (≥95) means JILL drew the conclusion from validated, current authority with strong textual support. A lower score signals that you should verify more deeply before relying on it.

The scores aren't decorative. They're produced by independent confidence models that score each output against the source material, the consistency of supporting authority, and the freshness of the underlying data. A drafted motion shows the score next to each paragraph. You always know where the certainty is — and where it isn't.

Layer 3: Cryptographic audit log. Every action JILL takes — every prompt you give her, every authority she retrieves, every output she returns — is recorded in an append-only audit log. Each entry is timestamped to the millisecond, signed with a cryptographic key tied to your firm, and hashed into a chain where every entry depends on the previous one.

This means you can produce a complete, contemporaneous record of any work session: what you asked, what JILL returned, which authorities she checked, what scores she assigned, and exactly when. The log can be filtered by matter, by date range, by user, or by specific output. It is built for two audiences — the supervising attorney reviewing associate work, and the court that may someday need to see exactly how a brief was researched.

Layer 4: Tamper-evident chain. The audit log uses the same hash-chain architecture that secures financial transaction systems and digital evidence in criminal cases. Each entry's hash includes the previous entry's hash. Altering any historical record breaks the chain, which is detectable on inspection.

This is the layer that makes the audit log evidence. A spreadsheet of your AI usage can be edited after the fact and is therefore worthless as defensibility material. The DDEAS audit log, like a properly maintained chain of custody for physical evidence, can be authenticated.

What this looks like in a real workflow

Picture the Mata workflow as it would have happened in Discover Docket.

You ask JILL: "Draft a motion to compel responses to Form Interrogatory 17.1. The case is venued in San Diego Superior Court, Dept. 73, Judge Wesley. Defendant served evasive responses on March 15."

JILL drafts the motion. The drafting layer pulls relevant authority. The validation layer checks every citation against the California case databases and the local rules of the San Diego Superior Court. Authorities that pass validation make it into the draft. Authorities that fail validation are flagged or dropped — they never reach you.

The draft arrives in your editor with citation chips: CCP §2030.300 (cite verified · current law), CRC 3.1345 (cite verified · current law), Dept. 73 standing order (verified · effective Jan 2026). Each chip is clickable; clicking opens the source document JILL relied on.

A confidence score appears next to each section of the draft: 96, 94, 89. The 89 is on a paragraph about Dept. 73's preferred meet-and-confer formatting; you click into it and see that JILL's confidence is lower because the standing order language is ambiguous on a specific procedural point. You decide whether that matters.

At the bottom of the draft is a DDEAS footer: Verification record · hash 8f2a1b9c · signed · chained. The full audit entry is one click away. You can export the verification record as a PDF and attach it to the matter file, or share it with co-counsel.

If opposing counsel ever challenges the drafting of this motion — say, in a Rule 11 motion alleging your firm submitted misleading authority — you have the chain of custody. The court can see exactly what was asked, what was returned, when, and which authorities were validated.

Why this matters for defensibility — not just compliance

There is a critical distinction here that I think gets missed in most AI-in-law conversations.

Compliance is about following the rules. Defensibility is about being able to prove you followed the rules when someone challenges you.

A lawyer who used a consumer chatbot carefully, double-checked every citation in Westlaw, and got the brief right is compliant. But if opposing counsel files a sanctions motion claiming the brief was AI-generated and unreliable, the compliant lawyer is in a bad spot. There's no contemporaneous record. There's no time-stamped trail of verification. Defending the work means reconstructing it under cross-examination.

The same lawyer using Discover Docket has the audit log. The verification record is exhibit A. The hash chain is exhibit B. The sanctions motion gets dismissed because the work is defensible by design.

This is the structural shift that DDEAS represents. We did not build a "trust us" framework. We built a prove it framework. The lawyer's ability to respond to a challenge — to a Rule 11 motion, to a bar inquiry, to a malpractice claim — is built into every output, automatically, from the first prompt forward.

The architectural decision underneath DDEAS

The reason DDEAS works the way it does is that we made an architectural decision early: ethics infrastructure has to be inseparable from the AI itself.

You cannot bolt verification onto a chatbot. You cannot wrap a hash chain around an external API call. You cannot retrofit defensibility into a system that wasn't built to produce evidence. The platforms trying to add "AI safety" features after the fact — bolting a chat panel and a few guardrails onto practice-management software built years before large language models existed — are working with the wrong building blocks. Their underlying architectures weren't designed for the legal defensibility problem.

We started with the defensibility problem and built outward. DDEAS isn't a layer above JILL. It is the foundation JILL sits on. Every output passes through every layer because they're not separable — the design doesn't allow you to turn validation off, or skip confidence scoring, or operate without the audit log.

That's why Discover Docket exists as a separate platform rather than as an AI feature on top of an existing one. The Mata problem can't be solved by an add-on. It can only be solved by architecture.

---

Chris Waters is a 25-year California civil litigator and the founder of Discover Docket. The first essay in this series — Mata v. Avianca: What every lawyer needs to know about AI hallucinations — provides the case-law background referenced throughout this piece.