Legal Holds
Preserve AI agent data during litigation, regulatory investigations, FOIA requests, or internal inquiries. Legal holds override automated retention policies, ensuring protected data is never deleted until the hold is released.
When to Use Legal Holds
Create a legal hold when you need to preserve data that would otherwise be deleted by retention policies:
| Scenario | Hold Type |
|---|---|
| Pending or anticipated lawsuit | Litigation |
| Government or regulatory agency inquiry | Regulatory Investigation |
| Freedom of Information Act request | FOIA Request |
| Internal compliance or HR investigation | Internal Investigation |
Hold Types
| Type | Description |
|---|---|
litigation |
Preservation for pending or anticipated legal proceedings |
regulatory_investigation |
Response to government or regulatory agency inquiry |
foia_request |
Freedom of Information Act or public records request |
internal_investigation |
Internal compliance or HR investigation |
other |
Other preservation requirement |
What Can Be Preserved
Holds can protect specific types of data:
| Data Type | Description |
|---|---|
| Audit logs | Records of agent activity and tool usage |
| Threads | Conversation threads between users and agents |
| Messages | Individual messages within threads |
| Files | Uploaded documents and RAG content |
Targeted vs. Blanket Holds
Blanket Holds
Protect all data of the specified types for an organization. Use when the scope of preservation is broad or undefined.
Targeted Holds
Protect only specific resources:
Specific conversation threads
Specific files or documents
Use targeted holds when you know exactly which data needs preservation, minimizing impact on normal retention operations.
Hold Lifecycle
1. Creation
Create a hold with:
Hold type (litigation, regulatory, FOIA, etc.)
Scope (which data types to protect)
Optional targets (specific threads or files)
Optional expiration date
Reference number for tracking
2. Active Period
While the hold is active:
Protected data is excluded from automated retention cleanup
Retention jobs report how many items were skipped due to holds
Users can still access the data normally
3. Release
When the hold is no longer needed:
Release with a documented reason
Data becomes eligible for retention on the next cleanup run
Release is recorded in the audit trail
API Reference
Create a Legal Hold
POST /v1/dashboard/organizations/:orgId/legal_holds
Request body:
{
"reason": "litigation",
"reference_number": "CASE-2024-001",
"description": "Preserve records related to contract dispute",
"hold_threads": true,
"hold_messages": true,
"hold_audit_logs": true,
"target_thread_ids": ["thread_abc", "thread_def"]
}
List Legal Holds
GET /v1/dashboard/organizations/:orgId/legal_holds
Returns active holds. Add include_released=true to see full history.
Get Hold Details
GET /v1/dashboard/organizations/:orgId/legal_holds/:holdId
Release a Hold
POST /v1/dashboard/organizations/:orgId/legal_holds/:holdId/release
Request body:
{
"release_reason": "Litigation concluded, no further preservation required"
}
Audit Trail
All legal hold operations are logged:
Hold creation (who, when, what scope)
Hold release (who, when, why)
This provides evidence that preservation requirements were properly implemented and managed.
Best Practices
Act promptly — Create holds as soon as preservation is required
Document thoroughly — Include reference numbers and clear descriptions
Use targeted holds when possible — Minimize impact on normal retention
Review regularly — Release holds when no longer needed
Coordinate with legal — Ensure holds align with counsel's requirements
Related
Data Retention — How retention policies work
Audit Trail — Hold operations in the audit log
SOC 2 Compliance — Compliance framework coverage