How to run a capable AI assistant over confidential client material — legally defensible, technically airtight, and explainable to the people whose trade secrets you hold. Two reports: one for the decision, one for the build.
What "legally covered" actually requires, the three deployment options side by side, real costs, and a clear recommendation — plus how to turn the setup into a client-trust asset you can sell.
A buildable architecture: threat model, deployment trust boundaries, model and hardware sizing, the full hardening checklist, an operational runbook, and a mapping from every control to the legal test.
Across the EU, the UK, Canada and the worldwide TRIPS baseline, a trade secret is protected only if its holder took reasonable steps under the circumstances to keep it secret. So the goal isn't perfect secrecy — it's a documented, proportionate chain of measures. Build to the strictest reading once, and you're covered everywhere your clients are.
"Who can technically read the prompts, the documents, the model's memory, the disk, and the logs — and can you prove it?" Each option is graded on how short and controllable that list is.