Security frequently asked questions

What is an M365 Add-in?
An M365 add-in is a software extension or application that adds extra features or functionalities to Microsoft 365 applications, such as Word, Excel, PowerPoint, Outlook, and others. These add-ins enhance productivity, streamline workflows, or integrate external services directly into Microsoft 365 apps. This specific Thomson Reuters Add-in has been built for Microsoft Outlook.
Limit Collection Principle: Does the system only collect/create the minimum amount of data needed?
Yes, we collect only the minimum data required to run the features of the application and deliver a great user experience. Users always control the features and can easily turn them off and adjust the application settings. The application transfers data from Outlook to CoCounsel, and we do not aim to collect any personal data. Data collection happens only when a feature requires it to run, providing clear benefits to end users.
Do systems implement safeguards when storing and transferring data? What are the security controls in place?
  • We encrypt personal and sensitive data using cryptography algorithms before storing it.
  • We use secure APIs to pass the data between client and server (Thomson Reuters CoCounsel APIs).
  • We rely on CoCounsel access tokens to identify the permissions for users to perform various actions on the main platform.
  • Our application has a gateway that filters all requests for malicious content. We use encryption of data at rest and in transit, lock down our production environment with access only to authorized support and operations staff, and manage all resources with restricted access via our firewall and application gateway.
Why is Microsoft Graph required?
We use Microsoft Graph REST APIs to save emails and attachments from Outlook to CoCounsel platforms. Microsoft Graph adheres to the security and compliance standards of Microsoft 365, ensuring that data interactions are secure and comply with organizational policies. We gather your consent to grant access at the first launch of the application.
Microsoft Graph access permissions are required. They are usually managed via Microsoft Entra.
Find the list of delegated permissions required below:
  • Contacts.Read
    - Read user contacts
  • email
    - View users’ email address
  • Mail.Read
    - Read user mail
  • Mail.ReadWrite
    - Read and write access to user mail
  • Mail.Send
    - Send mail as a user
  • MailboxSettings.Read
    - Read user mailbox settings
  • MailboxSettings.ReadWrite
    - Read and write user mailbox settings
  • User.Read
    - Sign in and read user profile
Mark Admin consent request as No for all of them.
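A tenant administrator can check that the consent actually granted to the add-in stays within the list above. The following is an added example, not Thomson Reuters or Microsoft code: it audits a constructed sample shaped like a Microsoft Graph oauth2PermissionGrants response, and the client ID, grant IDs and the choice to flag tenant-wide (AllPrincipals) grants for review are assumptions of the example.

```python
import json

# Delegated permissions listed on this page for the add-in.
DOCUMENTED_SCOPES = frozenset({
    "Contacts.Read", "email", "Mail.Read", "Mail.ReadWrite", "Mail.Send",
    "MailboxSettings.Read", "MailboxSettings.ReadWrite", "User.Read",
})

# Constructed sample in the shape of a Graph /oauth2PermissionGrants response.
# All IDs are placeholders, not real tenant values.
SAMPLE_GRANTS = json.dumps({"value": [
    {"id": "grant-1", "clientId": "ADDIN-SP-OBJECT-ID", "consentType": "Principal",
     "principalId": "user-a", "scope": "User.Read email Mail.ReadWrite Mail.Send"},
    {"id": "grant-2", "clientId": "ADDIN-SP-OBJECT-ID", "consentType": "AllPrincipals",
     "principalId": None, "scope": " User.Read Mail.Read Files.ReadWrite.All "},
    {"id": "grant-3", "clientId": "OTHER-APP", "consentType": "Principal",
     "principalId": "user-b", "scope": "Sites.Read.All"},
]})


def audit_grants(raw_json, addin_client_id, allowed=DOCUMENTED_SCOPES):
    """Return one finding per grant for the add-in that needs review."""
    findings = []
    for grant in json.loads(raw_json).get("value", []):
        if grant.get("clientId") != addin_client_id:
            continue  # grant belongs to a different application
        # 'scope' is a space-separated string; split() tolerates extra spaces.
        granted = set((grant.get("scope") or "").split())
        unexpected = sorted(granted - allowed)
        # Assumption of this example: tenant-wide consent is worth a review.
        tenant_wide = grant.get("consentType") == "AllPrincipals"
        if unexpected or tenant_wide:
            findings.append({
                "grant_id": grant.get("id"),
                "principal": grant.get("principalId"),
                "unexpected_scopes": unexpected,
                "tenant_wide": tenant_wide,
            })
    return findings


if __name__ == "__main__":
    for finding in audit_grants(SAMPLE_GRANTS, "ADDIN-SP-OBJECT-ID"):
        print(finding)
```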
Is it safe to use AI features?
Thomson Reuters employs a multi-faceted approach to protect traditional and generative AI models integrated as features within our product portfolio. We align our approach with multiple regulatory and best practice frameworks and follow Thomson Reuters' Data and AI Ethics Principles.
  • We prioritize security and privacy in our use of data throughout the design, development, and deployment of our data and AI products and services.
  • We strive to maintain meaningful human involvement and treat people fairly in our AI product and service design, development, and deployment.
  • We aim to use data and design AI products and services that are reliable, consistent, and empower socially responsible decisions. We implement and maintain appropriate accountability measures for our use of data and our AI products and services.
  • We make the use of data and AI in our products and services understandable. We use employee data to ensure a safe and inclusive work environment and to ensure employee compliance with regulations and company policies.
  • You remain in total control of the AI features and can disable them at any time.
How are LLMs used at Thomson Reuters?
We govern our use of Large Language Models (LLMs) by Thomson Reuters' principles, frameworks, policies, and standards. We maintain governance policies and standards designed to minimize the use of sensitive data in AI models, with escalated reviews by a Model Ethics Committee within Thomson Reuters that evaluates the use of sensitive data within an LLM. We have also built an internal LLM and AI solution for internal utilization and actively encourage employees to use the internal application for product development.
Does Thomson Reuters train gen AI models on User Content or User Prompts?
Your User Content and User Prompts:
  • Are not used to train or improve CoCounsel Core v2.
  • Are not used to train or improve any 3rd party gen AI LLMs (OpenAI GPT or Google Gemini).
  • Are not used in output for another 3rd party or Thomson Reuters.
  • Are not stored by OpenAI GPT or Google Gemini.
How does Thomson Reuters use User Content, User Prompts, Output, or Usage Information?
Data Types         | Improve the product | Train Gen AI models
User Content       | No                  | No
User Prompts       | No                  | No
Usage Information  | Yes                 | No
AI Outputs         | No                  | No
How does Thomson Reuters ensure that User Content and User Input are not used to train gen AI LLMs?
Thomson Reuters has established contractual obligations and, where applicable, systemic controls to turn off 3rd-party abuse monitoring solutions to prevent human access or inclusion in their models.
What process does Thomson Reuters use to attempt to mitigate hallucinations?
Thomson Reuters experts rigorously test CoCounsel skills. The product also leverages a Thomson Reuters proprietary mechanism designed to reduce hallucinations.
How does Thomson Reuters utilize usage information to improve CoCounsel Core?
Thomson Reuters analyzes de-identified usage information to manage account health, plan capacity, and develop our product roadmap.
Penetration testing and certifications
We successfully penetration tested our application in 2024. We follow the Microsoft Privacy and Security for Office Add-ins requirements.