Vienna Calling: IT and AI in International Arbitration

Vienna Calling: IT and AI in International Arbitration

The IT and AI tools are increasingly being used in the area of international arbitration. This development has advantages and disadvantages, which will addressed in this article.

1. Introduction

In the course of the international competition Willem C. Vis International Commercial Arbitration Moot in April 2025 in Vienna two events regarding IT security and the use of AI in international arbitration took place. The subject matters discussed there are addressed in this article.

2. Events 

• ICC-YAAF & YAAP Event "Exposed, Hacked, or Stolen: When Arbitration Gets Messy"

In the course of the event "Exposed, Hacked, or Stolen: When Arbitration Gets Messy", the subject matters related to the IT security in international arbitration were addressed:

Hacker attacks

It was pointed out that law firms and arbitral institutions are not immune to hacker attacks (especially those involved in the media covered and politically significant cases can be the target). There is a risk of documents being stolen and submitted as evidence (in some countries the illegally obtained documents can also be submitted as evidence).

Falsification of evidence

Fake evidence has always been a problem. Thanks to the new technologies, the counterfeiting process has become easier. Nowadays, not only the documents, but also the online witness testimonies can be manipulated (deep fakes).

IT Security

It was emphasized that IT security is linked to the attorneys’ duty of confidentiality. Among others, the implementation of a due diligence process regarding potential service providers, an emergency concept and a backup plan was recommended.

Case Management Platforms

In order to ensure the confidentiality of international arbitration, the arbitral institutions (e.g. ICC, VIAC). introduced case management platforms. This prevents case-related communication (including the submission of documents) via e-mail.

• VIAC Event "VIAC presents "Arbitr-AI-tion": Justice Meets the Algorithm"

In the course of the event of the Vienna International Arbitration Centre ("VIAC"), the use of AI in international arbitration proceedings was discussed:

Hallucinations

The speakers highlighted the necessity of verification of the AI-generated content. Currently, the risk of hallucination is said to be 52 – 82% in case of regular AI tools (it is said to be 17 – 32% in case of specific AI tool used in the legal sector).

AI know-how

The necessity of an AI-related training was stressed, since the use of AI tools is on the rise in the legal sector.

VIAC's AI grade

In the course of the event the new VIAC Guideline on the Use of AI in International Arbitration ("VIAC's Note on AI"), which drafting process the author of this article had participated in, was presented. The document addresses AI-related subject matters to be observed by the arbitrators and legal representatives of the parties.

3. Conclusions

The subject matters discussed during these two events show the increasing role of data protection and IT security in international arbitration. When observing the current events (the tense international relations, trade wars, the increasing use of AI, etc.), one can come to the following conclusion: "Arbitration will get messier".

In particular, the risk of AI-forged evidence will increase in the future.

It is praiseworthy that the arbitration institutions look for solutions and implement them (e.g. case management platforms, AI guidelines).

Further, the following AI and IT security measures shall be implemented by arbitration practitioners:

• Service provider due diligence process: it would be advisable to review 28 GDPR in connection with the preparation of the service provider due diligence procedure.

• Emergency concept: This document shall list the risk scenarios (e.g. the loss of critical service providers, data breach, hacker attack, etc.) and the procedures to be followed in each of the emergency cases. It should be noted that banks ask about the existence of this document in the course of a business loan approval process as well as potential business partners in the course of the contract negotiations.

• IT and AI guidelines: These documents address the use of employers’ AI or IT infrastructure by employees (e.g. the approved AI and IT tools, the procedure in the event of disruptions, social engineering countermeasures, etc.).

• Authorization concept: Due to the sensitive nature (e.g. professional secrecy, data protection, trade secrets) of information processed in the course of arbitration proceedings, the group of the access-authorised persons and the scope of their access rights must be determined (e.g. of IT authorizations dependent on position and projects).