A privilege log is a discovery obligation that practitioners tend to approach as a compliance exercise rather than a legal argument. That framing creates problems. A privilege log is not just a list of withheld documents — it is the factual record that supports each privilege assertion, and courts evaluate it with that lens. Entries that fail to provide document-level information sufficient to permit the opposing party to assess the privilege claim expose your client to in-camera review, production orders, and fee-shifting motions that a better-documented log would have avoided.
This piece addresses what courts have found sufficient and insufficient in privilege log entries under the attorney-client privilege and work product doctrine, how automated log generation fits into the defensibility analysis, and what the practical standards for field-level documentation look like in the current federal practice.
The Legal Framework: What Each Privilege Requires in the Log
Attorney-client privilege protects confidential communications between an attorney and a client made for the purpose of obtaining or providing legal advice. The privilege log entry for a claim of attorney-client privilege must support each element. In practice, this means: the communication must be identified as between an attorney and a client (established by the From/To/CC/BCC metadata showing a licensed attorney's involvement); the communication must be characterized as seeking or providing legal advice (not just involving an attorney); and the log entry must indicate why the communication was maintained in confidence — typically shown by the absence of business-side recipients outside the legal team.
Work product doctrine under Rule 26(b)(3) protects documents prepared in anticipation of litigation by or for a party or its representative. The log entry supporting work product must establish that the document was created in anticipation of specific litigation — not general business risk management, not routine compliance work, not operational decision-making that happens to involve an attorney. "Anticipation of litigation" is fact-intensive, and log entries that simply say "work product — prepared in anticipation of litigation" without explaining what the litigation was and when it was reasonably anticipated have been found insufficient in numerous jurisdictions.
Opinion work product — the mental impressions, conclusions, opinions, or legal theories of an attorney — receives heightened protection and is nearly absolute in the federal courts. Identifying that a document contains opinion work product (rather than mere factual work product) in the log entry strengthens the protection claim and should be noted where applicable.
What Courts Have Found Insufficient
The case law on inadequate privilege logs is substantial. Courts across multiple districts have ordered in-camera review or compelled production based on privilege log inadequacy, most commonly in the following patterns:
Conclusory privilege basis descriptions. Entries like "attorney-client privilege" or "legal advice" without any characterization of what type of legal advice, in what matter context, or between which specific parties have been rejected in numerous courts. The most commonly cited standard, articulated in various forms across circuits, is that the log must describe the document with "sufficient particularity" to enable the requesting party to test the privilege claim. A one-phrase privilege basis field does not meet that standard.
Inadequate document description fields. Courts expect the document description field to tell the opposing party something about the subject matter of the communication without revealing the privileged content. "Email re: legal matters" is insufficient. "Email re: [project name] contract terms — request for legal advice on indemnification clause" is sufficient, assuming the project name does not itself reveal privileged information.
Missing or incomplete metadata fields. The standard metadata fields expected in a privilege log — date, document type, author, recipient(s), and privilege basis — must all be present. Missing date fields (which happen when the original document's metadata was corrupted or not extracted) require explanation. Missing recipient fields for documents in which the recipient is unknown is often a collection problem, not a log problem, but it requires a notation in the log rather than a blank field.
Blanket log entries for email chains. Logging an email chain as a single entry with a single privilege claim is challenged regularly by opposing counsel and has been the subject of considerable judicial scrutiny. If multiple emails in a chain have different privilege status — some privileged, some not — logging the chain as a single entry may result in a production order for the entire chain. Best practice is to log each email in a chain separately (with the chain relationship noted) or to prepare a categorical entry that covers only the privileged portions with explicit notation of the chain structure.
Automated Log Generation: Where It Helps and Where It Doesn't
Automated privilege log tools populate the metadata fields — Date, From, To, CC, Subject (or a redacted version), Document Type, Bates Number, and sometimes a placeholder privilege basis derived from classifier scoring. The metadata population step is genuinely useful and reduces attorney time spent on the mechanical aspect of log compilation. In a large matter with 3,000 privilege-logged documents, automated metadata field population saves substantial time.
The limitation is in the privilege basis description field. No automated tool can generate a legally adequate privilege basis description without attorney input, because the description requires judgment about: (1) what type of legal advice was involved in this specific communication; (2) whether the communication is more accurately characterized as seeking advice, providing advice, or conveying information in furtherance of a legal representation; and (3) whether any non-privileged business content in the communication affects the claim.
Consider a scenario representative of a common log problem: a corporate legal team processes a 4,500-document privilege hold through an automated classifier. The tool generates log entries with accurate metadata fields and assigns a privilege basis from a dropdown list — "Attorney-Client Privilege," "Work Product," or "Both." Opposing counsel receives the log and immediately challenges 600 entries that describe email chains between the in-house general counsel and senior business executives as "Attorney-Client Privilege" without indicating whether the communications were seeking legal advice on a specific matter or were routine communications between a business executive and the company's GC that happened to touch on legal topics.
The distinction matters because courts in the Seventh Circuit (including the Northern District of Illinois, which covers Chicago federal practice) have held that communications between in-house counsel and business clients are not presumptively privileged — the party claiming privilege must show that the communication was made primarily for the purpose of seeking or obtaining legal advice, not for business purposes with incidental legal content. An automated log that assigns the privilege basis label without differentiating between these categories does not resolve that question; it flags it for challenge.
We're not saying automated log generation is inadequate — it is a significant efficiency improvement for the metadata population portion of the log. The point is that the privilege basis description field requires attorney review of each document (or a defensible sampling and representative description methodology for voluminous similar documents), and workflows that skip that step create log adequacy risk that surfaces as motion practice.
Categorical Privilege Logs
For very large document populations, categorical logging — grouping similar documents under a single category description — has been accepted in some jurisdictions as an alternative to document-by-document entries. The Sedona Conference Best Practices Commentary on Privilege and Clawback (updated commentary through its recent publications) addresses categorical logging as an option in high-volume matters, subject to the court's approval and the opposing party's opportunity to challenge the category definitions.
Categorical logging works when the category can be defined precisely enough to give the opposing party meaningful information about each document in the category. "Emails between General Counsel and outside litigation counsel regarding [matter name] discovery disputes, dated [date range]" is a functional categorical entry. "Internal communications involving attorneys" is not.
Courts in matters where categorical logging has been approved have generally required the producing party to represent that all documents in each category share the described characteristics and that a supervising attorney has reviewed a sample sufficient to validate the category definition. The FRE 502(d) and clawback agreement structure should be in place for all categorical log matters, because category-level review inherently carries higher inadvertent-disclosure risk than document-level review.
Privilege Log as Audit Trail
The privilege log, once submitted, becomes a commitment. Courts have sanctioned parties for logs that were internally inconsistent — where documents described as involving only specified personnel also appeared in other production documents involving different personnel, suggesting the log descriptions were inaccurate. It is also the record against which any FRE 502(b) or 502(d) clawback request will be evaluated: if you claim inadvertent disclosure and seek return of a document, the quality of the privilege log for similar documents is evidence of whether your privilege review process was reasonable.
Building the privilege log with the audit trail in mind — preserving the reviewer's privilege determination rationale for each flagged document, not just the final log entry — creates a more defensible record if the log is challenged. Platforms that support annotation at the document level (why this document was logged as privileged) generate a reviewable basis for each entry that manual log reconstruction cannot replicate.
Privilege log review and log adequacy determinations remain squarely in counsel's domain — no automated workflow substitutes for the attorney judgment that underlies each privilege assertion. If you're evaluating how automated log generation workflows can be structured to meet defensibility standards for your matters, we're available to discuss the specifics.