Posted by One Legal on August 27, 2019
Technology has seen remarkable advances in recent years. In a short time, we have gone from dictation, typewriters, and fax machines to the ability to research and draft entire legal pleadings on a device that can be held in your hand.
Technology has been a great improvement in the practice of law. But texting, posting on social networks, and instant messaging all create new threats for attorneys and new client expectations in how they communicate with their counsel. This can be a liability as far as attorney-client privilege. Nonetheless, attorneys and law firms should use this caution as an opportunity to safeguard and bolster their security to better represent their clients.
Rules of Professional Conduct
The Model Rules of Professional Conduct and state rules regulating the practice of law have slowly embraced technology and have set out attorneys’ responsibilities for using them. For example, Rule 1.1 requiring a lawyer to provide competent representation to a client includes Comment 8, which states:
To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject. (Emphasis added).
And ABA Formal Opinion 477 – “Securing Communication of Protected Client Information” states that an attorney generally may transmit information relating to the representation of a client over the internet without violating the Rules if he or she has undertaken reasonable efforts to prevent inadvertent and unauthorized access.
However, the opinion goes on to state that an attorney may be required to take special security precautions to protect against the inadvertent or unauthorized disclosure of client information when required by an agreement with the client or by law, or when the nature of the information requires a higher degree of security.
Many state bars are starting to incorporate new expectations of their attorneys and how they use technology into their rules. For example, the Arizona State Bar Disciplinary Commission has determined that an attorney may use cloud computing or third-party providers to store client data, so long as he or she exercises reasonable care in doing so.
Let’s look at how firms and attorneys can use technology to protect Attorney-Client Privilege, both inside and outside the office.
Protecting Confidential Information
To protect attorney-client privilege, law firms must educate their clients and staff on how the privilege works so that they can avoid intentional and inadvertent disclosures, as well as the risks that come with disclosure of confidential information.
To be safe, attorneys can instruct their clients to refrain from communicating via text or instant messaging. Instead, they should be urged to use a landline or encrypted email. In addition, they can ask their clients add the words “Attorney-Client Privilege” in the subject line of any email. This will remind the client that it’s confidential information.
Some of the best ways to secure confidential information and to uphold the attorney-client privilege when it comes to technology are common sense in today’s world. But sadly, many firms are not taking the most basic of precautions to keep their data private. Some of these basic protections include the following:
- Use encryption when communicating any privileged information
- Employ password protection on devices and individual documents, this includes USB flash drives
- Only draft and store electronic documents on the firm’s network, rather than personal home computers
- Don’t install unnecessary third-party mobile applications on firm smartphones as they can spread malware to access to the firm’s networks and confidential data
- Set up mobile devices to permit the firm to remotely wipe them clean if they are lost or stolen
- Use tracking devices that can report a device’s location when on the Internet;
- Scrub all metadata prior to transmitting documents to external email addresses, even an attorney’s home email
- Look into clawback agreements in litigation to decrease risk of waiver if there’s an inadvertent disclosure.
Law firms want to leverage technology to better serve their clients and to make their teams more efficient. However, technology creates an ever-increasing risk to the attorney-client privilege and confidentiality.
Emails and social media profiles are frequently the cause of clients or attorneys waiving their privilege because of the inadvertent disclosure of confidential information. Attorneys must be aware of the latest threats and protect against them — understanding the pitfalls of using mobile devices, smartphones, email, social media, and cloud storage.