Glossary

Compliance terms, defined.

Short, plain-language definitions for every term used across Clawscan — product concepts, regulatory frameworks, and Microsoft 365 deployment terms. Cross-linked so you can follow a thread in any direction.

Jump to term

Article 101 TFEU
Credit
Dataverse
DLP
Entra ID security group
FCPA
GDPR Article 5
Guard
Intent-based detection
Justification
Legal domain
MAR
Microsoft 365 tenant
Outlook add-in
Per se offence
Privacy filtering
Shield
Tenant-local architecture
Verdict

Clawscan product terms

Concepts specific to how Clawscan works.

Credit: The unit of measurement for Clawscan usage. One credit equals one email scanned against one active legal domain. An email scanned against three active domains consumes three credits.; RelatedLegal domain
Guard: Guard is Clawscan's reactive compliance module. Every email routed to your Clawscan shared mailbox is automatically scanned against all active legal domains, with a timestamped verdict stored for audit. 100% coverage, not sampling — unlike manual compliance review. Guard is your second line of safety: even when something slips through, your Legal & Compliance teams are the first to know.; RelatedShield Verdict Legal domain
Intent-based detection: Clawscan's detection approach. Rather than matching banned keywords, Clawscan's AI models evaluate the intent of an email against regulatory risk patterns — e.g. recognising price coordination whether or not the word 'price' appears. Reduces false positives compared to legacy email DLP keyword filters.; RelatedLegal domain DLP Verdict
Justification: A plain-language explanation attached to every Clawscan verdict — what the AI detected, which regulatory framework applies, and why escalation is warranted. Unlike keyword alerts, a justification gives a compliance officer or general counsel actionable evidence instead of a raw flag.; RelatedVerdict Intent-based detection
Legal domain: A regulatory risk area covered by its own purpose-built Clawscan AI model. Current domains include Competition Law, Conflict of Interest, Confidential Information & Trade Secrets, and Workplace Harassment, with more added continuously. Each domain can be activated independently; credits are only consumed for active domains.; RelatedIntent-based detection Credit
Privacy filtering: A client-controlled Clawscan feature that skips scanning for emails whose subject line matches a configured keyword (e.g. [Private], [Confidential]). Matching emails are dismissed before entering the scan pipeline — never read, never stored, never processed. The keyword list is managed entirely by the client.; RelatedTenant-local architecture Guard
Shield: Shield is Clawscan's proactive compliance module. It runs inside Outlook while an employee is drafting and surfaces a verdict — classification and written justification — before the email is sent. Designed to prevent legal & compliance risk from ever leaving your Microsoft 365 tenant.; RelatedGuard Verdict Credit
Tenant-local architecture: Clawscan's deployment model in which raw email content is scanned inside your own Azure tenant and never crosses the tenant boundary. Only scan outputs — classification and justification — are transmitted to GOlegal for storage. Minimises data egress and aligns with GDPR data-minimisation principles.; RelatedMicrosoft 365 tenant DLP GDPR Article 5
Verdict: The structured output of a Clawscan scan. Every verdict contains two components: a classification (critical / warning / safe) and a written justification referencing the specific flagged passage. Verdicts are what make Clawscan output audit-defensible rather than a black-box signal.; RelatedJustification Shield Guard

Regulatory & compliance terms

Legal frameworks and enforcement concepts referenced across Clawscan.

Article 101 TFEU: The core EU competition law provision prohibiting agreements between undertakings that restrict competition — including cartels, price coordination, bid-rigging, and market allocation. Violations can trigger fines of up to 10% of global annual turnover. Email is routinely the primary evidence source in EU cartel investigations.; RelatedPer se offence Legal domain
DLP: Data Loss Prevention — a category of security software that blocks the transmission of predefined sensitive data (credit card numbers, SSNs, classified keywords). DLP is content-signature matching; Clawscan is intent-based legal risk detection. DLP answers 'is this data banned from leaving?'; Clawscan answers 'does this communication describe unlawful conduct?'; RelatedIntent-based detection Tenant-local architecture
FCPA: Foreign Corrupt Practices Act — US federal law prohibiting bribery of foreign public officials and imposing accounting controls on issuers. Along with the UK Bribery Act, one of the two principal anti-bribery frameworks with extraterritorial reach.; RelatedLegal domain
GDPR Article 5: The GDPR provision establishing data processing principles, including purpose limitation, data minimisation, and storage limitation. Article 5 underpins Clawscan's tenant-local architecture: raw email never leaves the controller's tenant, so processing is minimised to the scan outputs actually needed for the compliance purpose.; RelatedTenant-local architecture Legal domain
MAR: Market Abuse Regulation (EU Regulation 596/2014). The core EU framework governing insider trading and market manipulation in regulated markets. Covered firms must detect, investigate, and report suspected market abuse — including communications evidence.; RelatedLegal domain
Per se offence: A category of regulatory violation that is unlawful by its nature, regardless of actual market effect. Most hardcore cartel conduct — price fixing, bid-rigging, market allocation — is per se unlawful under EU and US competition law. An email agreeing to coordinate prices is an offence whether or not prices were actually aligned.; RelatedArticle 101 TFEU

Microsoft 365 & technical terms

Platform, architecture, and deployment terms relevant to Clawscan deployments.

Dataverse: Microsoft's managed relational data store used by Clawscan to persist scan outputs. Encryption at rest uses TDE / AES-256. Dataverse provides the audit-ready evidence store that sits behind the Guard dashboard.; RelatedTenant-local architecture Guard
Entra ID security group: A Microsoft Entra ID (formerly Azure AD) group used to define which employees are in scope for Clawscan. A single security group controls both the Shield add-in deployment and the Guard shared-mailbox redirect. Dynamic groups are supported for attribute-based scoping (role, department, location).; RelatedMicrosoft 365 tenant Shield Guard
Microsoft 365 tenant: A customer-dedicated instance of Microsoft 365 / Azure, identified by a tenant GUID. All Clawscan scanning happens inside the client's own tenant — Shield runs as an Outlook add-in in-tenant; Guard uses an in-tenant shared mailbox. No tenant boundary is crossed by raw email content.; RelatedTenant-local architecture Entra ID security group
Outlook add-in: The task-pane component that runs Clawscan Shield inside the user's Outlook client (Windows, Mac, Web, Mobile). The add-in is deployed centrally through Microsoft 365 Admin Center and requires no per-user install. It activates for employees inside the configured Entra security group.; RelatedShield Entra ID security group

See these terms in practice.

Book a 30-minute demo and see how Clawscan works for your organisation.

Book a demo →Explore all features

Compliance terms, defined.

Clawscan product terms

Credit

Guard

Intent-based detection

Justification

Legal domain

Privacy filtering

Shield

Tenant-local architecture

Verdict

Regulatory & compliance terms

Article 101 TFEU

DLP

FCPA

GDPR Article 5

MAR

Per se offence

Microsoft 365 & technical terms

Dataverse

Entra ID security group

Microsoft 365 tenant

Outlook add-in

See these terms in practice.