back
The Hallucination Excuse Is Running Out of Time
EdgeFiles

The Hallucination Excuse Is Running Out of Time

About the Author

Sources

Courts are beginning to treat repeated AI failures as evidence of professional and organizational neglect

For three years, the legal profession has responded to AI-generated fabrications as though each new case were another extraordinary lapse. A lawyer submits a nonexistent precedent. A brief attributes an invented language to a real judge. A court discovers that the authority supporting an argument does not exist. The lawyer apologizes, the judge issues a warning or sanction, and the incident becomes another cautionary story about the dangers of generative AI. That framing is becoming harder to defend.

Damien Charlotin’s AI Hallucination Cases Database now catalogs 1,752 legal decisions from courts and tribunals around the world in which hallucinated material entered, or was alleged to have entered, a legal proceeding.

The database includes fabricated cases, false quotations, misrepresented holdings, invented legal rules, and other forms of synthetic authority. It covers lawyers, self-represented litigants, judges, experts, prosecutors, and other participants in the legal process. Its significance lies less in the size of the number than in the existence of the record.

Legal hallucinations are no longer scattered anecdotes remembered through a handful of notorious cases. They have become a searchable body of institutional evidence. The incidents can be compared across jurisdictions, types of litigants, legal fields, sanctions, and professional consequences. Patterns that were previously easy to dismiss as individual carelessness can now be examined as recurring failures of verification, supervision, procurement, training, and accountability.

The database changes the question. Courts no longer need to ask whether lawyers should have known that generative AI can invent legal authority. The profession has accumulated years of decisions, ethics guidance, public sanctions, continuing-education programs, firm policies, vendor warnings, and international publicity.

The question is why the same failures continue after everyone has been warned.

A Database of Judicially Visible Failure

Charlotin’s project does not attempt to record every questionable use of AI in legal work. It focuses on decisions in which a court or tribunal addressed hallucinated content in more than a passing reference. Mere accusations ordinarily do not qualify unless the judicial record gives them substance, although the database acknowledges limited exceptions where AI use was alleged but not confirmed.

The database is not a survey of how often lawyers use ChatGPT, Claude, Gemini, or specialized legal systems.

It cannot measure the hallucinations discovered and corrected inside law firms before filing. It cannot count false propositions that pass unnoticed by opposing counsel and the court. It does not reveal every matter settled before an AI-generated error becomes part of a published decision.

It records the failures that became judicially visible.

Even that narrower universe has grown large enough to support structural analysis. As of July 13, 2026, the database listed decisions from the United States, Canada, Australia, the United Kingdom, continental Europe, Asia, Latin America, Africa, the Middle East, New Zealand, international arbitration, and several smaller jurisdictions. The United States accounted for the majority, but the phenomenon was plainly not confined to a single country, a single procedural system, or a single segment of the profession.

The material also extends beyond citations to imaginary cases. The database classifies fabricated authority, false quotations, misrepresented sources, outdated advice, invented legal norms, false exhibits, and submissions that attribute unsupported propositions to real decisions. These distinctions reveal how the problem has evolved. A filing can be dangerously unreliable even when every case name in it is real. Generative systems may alter a holding, invent a quotation, collapse separate doctrines, or represent dicta as binding law. Simple citation checking catches only the crudest version of the failure.

The Legal System Is Producing Its Own Incident Registry

Other safety-critical fields build incident databases because individual failures rarely disclose the whole risk. Aviation investigators study near misses and crashes across fleets. Cybersecurity teams analyze vulnerabilities across organizations. Medical institutions track adverse events to find weaknesses in procedures, equipment, and supervision.

The law has generally treated defective filings as matters between a court and the participants before it. One judge sees one unreliable brief and determines an appropriate response under local rules. Another judge encounters a similar filing months later, without an easy way to situate it within a broader pattern.

Disciplinary bodies may receive referrals, but their proceedings are fragmented among jurisdictions and are not always public.

Charlotin’s database creates an informal incident-reporting layer across those boundaries. It does not have the authority of a regulator, bar association, or judicial administration office. Its classifications necessarily involve editorial judgment. Yet it performs a function that no single court is positioned to perform: it aggregates the visible failures into a common record.

That record can expose developments that remain obscure when cases are considered separately. It can show whether monetary sanctions are increasing, whether courts are referring more lawyers to disciplinary authorities, which jurisdictions are producing the most decisions, and whether certain types of fabricated content appear more frequently. It can also show when the same attorney, firm, workflow, or explanation appears again.

The value of the database therefore extends beyond documenting misconduct. It supplies the foundation for a more mature form of governance. Once failures can be counted and compared, they can influence professional standards, insurance underwriting, client diligence, vendor assessment, law-firm controls, judicial training, and disciplinary policy.

A collection becomes infrastructure when institutions begin relying on it to understand their own risk.

Courts Have Moved Beyond Surprise

The earliest legal hallucination cases carried an element of disbelief. Judges confronted citations to decisions that could not be found and explanations involving technology whose professional use had not yet been widely examined. Some opinions devoted substantial attention to describing generative AI and explaining how a fluent system could manufacture authority.

That explanatory phase is ending. On July 10, 2026, the U.S. Court of Appeals for the Eleventh Circuit rebuked attorney Anthony Sabatini after briefs contained fabricated and hallucinated citations. The court found that the problem occurred more than once and concluded that outsourcing legal work to an AI system did not relieve counsel of professional responsibility. The matter was referred to the court’s lawyer-conduct committee.

Three days later, Reuters reported another federal judicial rebuke involving attorney Tyrone Blackburn. A magistrate judge in New York described a continuing pattern involving fabricated quotations and noted that Blackburn had already faced sanctions in other federal courts over alleged AI-related inaccuracies. The judicial response focused not only on the false material but also on repetition, minimization, and the attorney’s conduct after the problem was identified.

Those decisions fit a broader progression. Courts have imposed monetary sanctions, struck briefs, ordered adverse costs, issued public reprimands, disqualified counsel, suspended lawyers from practicing in particular courts, and referred matters to professional disciplinary authorities.

Some opinions have emphasized candor after discovery. An attorney who promptly identifies the source of an error, corrects the filing, and cooperates may be treated differently from one who offers evasive explanations or continues defending fabricated material.

The misconduct is no longer defined solely by the moment an AI system generates a false citation. Judicial attention increasingly extends to everything that happens around it: who reviewed the filing, what warnings existed, whether supervisors were involved, how the lawyer responded, and whether similar conduct had occurred before.

The hallucination may begin with software. Institutional failure arises from human decisions.

The Sanctions Gap

The response across courts remains uneven. Some judges impose modest financial penalties. Others order ethics training or require notification of clients. More serious cases lead to public reprimands, practice restrictions, disciplinary referrals, or findings that damage an attorney’s credibility well beyond the immediate litigation.

This variation is partly unavoidable. Courts assess intent, harm, repetition, procedural posture, candor, prior history, and the lawyer’s response. A single corrected citation in an otherwise supportable filing is not equivalent to a brief constructed around invented precedent. A junior lawyer who immediately discloses an error presents a different case from an attorney who accuses opposing counsel of wrongdoing after false quotations are exposed.

Yet the inconsistency also reflects the fact that the legal system is still deciding how to classify the conduct.

Is an AI hallucination primarily a competence failure, a lack of reasonable inquiry, a breach of candor, deficient supervision, or an attempt to mislead? Different doctrines produce different remedies.

Existing rules already cover much of the conduct. Lawyers certify that their factual and legal contentions have a proper basis. They owe duties of competence, diligence, candor, and supervision. They cannot delegate professional judgment to software, a contractor, a paralegal, or an associate and then disclaim responsibility for the result.

Generative AI did not create those duties. It created a workflow capable of violating several of them at once.

The more difficult problem arises when sanctions remain attached only to the individual filing attorney. Modern legal work is frequently produced through teams, document systems, outsourced research, knowledge platforms, automated drafting products, and firm-approved technology. A fabricated citation may survive because several controls failed, even though only one lawyer’s name appears on the document.

Courts are equipped to discipline the signer before them. They are less consistently positioned to evaluate the organization that designed, approved, and supervised the workflow.

Verification Failure Is Rarely a Single Failure

The phrase “failure to verify” sounds like one missed step. In practice, it may describe a chain of omissions. Someone selected a tool for a task that it could not reliably perform. The person using it may not have understood whether the system was searching authoritative legal sources or generating a probable answer from language patterns. The output was entered as a draft without source documents attached. A reviewer assumed citations had already been checked. A supervising lawyer reviewed the argument but not the underlying authority. The firm lacked a rule requiring every quotation and proposition to be matched against the cited decision.

Time pressure made the generated draft attractive precisely because proper verification would consume the time that the tool appeared to save.

By the time the brief was filed, responsibility had become diffuse. Every participant could point to another stage at which the error should have been caught.

Organizations often respond by instructing lawyers to verify AI output. That instruction is sound but incomplete. It describes an obligation without designing a control. A functioning verification system must specify who checks the authority, which source is authoritative, how the check is recorded, whether generated quotations require independent comparison, and who remains accountable when work passes among several people.

The difference resembles the divide between telling employees to protect confidential information and operating an actual information-security program. General awareness cannot substitute for access controls, review procedures, audit trails, escalation rules, and enforceable responsibility.

A firm that merely circulates an AI policy may therefore have governance on paper while its filing process continues to depend on informal assumptions.

Why the Failures Continue

The persistence of legal hallucinations is puzzling only when the problem is understood as ignorance. Lawyers have received ample warning. The first globally publicized sanctions appeared in 2023. Since then, courts, bar associations, insurers, vendors, professional publications, and law firms have repeatedly explained that generative systems can fabricate cases and quotations.

Knowledge of the risk has not eliminated the incentives that produce it.

Generative AI offers the greatest apparent advantage under the conditions in which verification is most likely to deteriorate. A lawyer faces an unfamiliar issue, an urgent deadline, limited research support, cost pressures, or a weak claim lacking obvious authority.

The system produces a polished analysis immediately. Its fluency creates the impression that the difficult portion of the work has already been completed.

Verification then feels like repetition rather than legal research. If every case must be located, read, and tested against the proposition for which it is cited, much of the promised time saving disappears. The temptation is to check selectively, trust familiar-looking citations, or treat the generated text as a draft that someone else will review.

That incentive is reinforced by a deeper misunderstanding of automation. Many organizations purchase AI to compress the cost of professional work. They assess success through speed, output volume, utilization, and margin. Verification is treated as overhead imposed on the automated process rather than as part of the process itself.

A system that drafts in ten minutes but requires two hours of validation has not reduced the task to ten minutes. It has changed the allocation of labor and moved risk into the review stage.

When organizations measure the generated output but ignore the verification burden, they create pressure to skip the very work that makes the output usable.

The Limits of the Individual-Blame Model

Some cases involve conduct that plainly belongs to an individual lawyer. A person uses a public chatbot, copies the result into a brief, performs no meaningful review, and signs the filing. Professional responsibility cannot be dispersed so broadly that the signer escapes accountability.

The growing record, nevertheless, makes a purely individual explanation less credible as a description of the overall problem.

Hallucinated material has appeared in submissions involving solo practitioners, government lawyers, self-represented litigants, litigation teams, external contractors, experts, and prominent firms. It has passed through workflows that were supposedly layered with review. In some matters, lawyers have blamed junior staff, outside researchers, technical tools, or purchased work product. Courts have generally rejected those explanations as defenses, but the explanations still reveal how the work was organized.

The recurring pattern suggests that legal institutions have adopted generation faster than they have redesigned validation. They have added a new source of draft material without consistently changing the systems that establish provenance, confirm authority, assign responsibility, and preserve evidence of review.

That is an organizational design problem. Clients should therefore ask more than whether a law firm permits generative AI. They should ask which systems are approved, what data may be entered into them, what tasks they may perform, how generated research is verified, whether the firm retains source records, how failures are reported, and whether repeated incidents are examined across matters.

Professional-liability insurers will eventually ask similar questions. So will courts evaluating whether a mistake was an isolated lapse or a foreseeable result of deficient controls.

Notice Changes the Standard

The expanding case record has another consequence. It weakens the argument that hallucinated authority is an unforeseeable technical accident.

Legal liability and professional discipline often turn on notice. An organization may receive notice from a prior incident, a judicial opinion, an internal audit, a vendor warning, an ethics rule, or a pattern visible across its industry. Once a risk is known, continued failure to address it may support a different judgment about reasonableness.

By mid-2026, the legal profession cannot plausibly claim a lack of notice. The database itself contains more than a thousand decisions. Appellate courts have published warnings. Lawyers have been sanctioned for failing to disclose the source of errors after discovery. Professional guidance has confirmed that existing duties apply to AI-assisted work. Specialized products have been tested and found capable of producing unsupported answers despite marketing claims designed to reassure users.

The standard is therefore shifting from whether a lawyer understood that AI can hallucinate to whether the lawyer or firm established controls proportionate to a documented risk.

A first incident may still be negligence. A second incident after warnings, training, or prior sanctions can indicate indifference. Repetition across an organization may support an inference that management failed to supervise the technology it authorized.

At that point, “the AI hallucinated” ceases to function as an explanation. It identifies the mechanism but says little about responsibility.

From Professional Error to Organizational Negligence

Organizational negligence does not require every failure to originate in a formal enterprise deployment. A firm may be negligent by allowing unmanaged public tools to become part of ordinary practice. It may approve a system without defining permissible uses. It may announce a verification policy without testing compliance. It may reward speed while leaving review obligations vague. It may fail to investigate near misses because no court discovered them.

The emerging database makes those omissions easier to evaluate against an external record.

A court examining a future case will not encounter an unknown risk. It can see how other courts treated similar conduct. A disciplinary body can distinguish a genuinely novel mistake from behavior repeated after extensive public warning. A client considering malpractice claims can argue that reasonable firms had already recognized the need for specific safeguards. An insurer can compare a firm’s controls with a growing history of losses and sanctions.

This does not mean every hallucination will establish organizational liability.

The database is not proof of any one firm’s negligence, and its raw count should not be mistaken for a controlled statistical measure of incidence. Publication practices differ among jurisdictions. U.S. decisions are disproportionately visible. Several decisions may arise from the same underlying proceeding. Many failures never become reported cases.

Its evidentiary value is broader. It establishes that the risk is recurrent, international, professionally recognized, and capable of causing predictable harm. That is enough to make passive governance increasingly difficult to justify.

The next stage will be less forgiving. Courts have explained the risk. Ethics authorities have explained the duty. The decisions are searchable, comparable, and accumulating.

The hallucination excuse is running out of time.