It's really not that different from other internal audit teams. Financial audit doesn't exist to make the accountants happy, and IT audit teams won't hesitate to rip into the IT groups. This is basically a comprehensive, proactive legal audit of any internal user data request. As long as they don't fall under the same management as the other legal team, there shouldn't be much internal pressure to compromise.