Previous month:
September 2014
Next month:
November 2014

NY bar on ethics of cloud computing – again

Stacked3This week's Daily Record column is entitled "NY bar on ethics of cloud computing – again."  My past Daily Record articles can be accessed here.

***** 

 NY bar on ethics of cloud computing – again 

New York state has long been on the cutting edge of addressing the ethics of using different technologies in the practice of law. So it was no surprise when the New York State Bar was one of the first to confront the ethics of cloud computing when the Committee on Professional Ethics handed down Op. 842 in 2010, which addressed the ethics of storing confidential client data online.


In that opinion, the committee held that “(a) lawyer may use an online data storage system to store and back up client confidential information provided that the lawyer takes reasonable care to ensure that confidentiality is maintained in a manner consistent with the lawyer’s obligations under Rule 1.6.”

In two different opinions handed down in the latter half of this year, the committee further clarified its position on the use of cloud computing by lawyers. In both opinions, the committee reaffirmed the applicability of the longstanding duty of due diligence when assessing the security of third party service providers, explaining that a lawyer must assess whether the technology offers reasonable protections against disclosure and must also take reasonable precautions when using technology.
At issue in Op. 1019, issued in August, was whether a law firm may “provide its lawyers with remote access to its electronic files.” The committee concluded that it was permissible to do so in the absence of client consent, so long as the attorney concluded that the security precautions exercised by the third party provider were reasonable.

In doing so, the committee recognized the need for a flexible standard: “Because of the fact-specific and evolving nature of both technology and cyber risks, this committee cannot recommend particular steps that constitute reasonable precautions to prevent confidential information from coming into the hands of unintended recipients. If the firm cannot conclude that its security precautions are reasonable, then it may request the informed consent of the client to its security precautions, as long as the firm discloses the risks that the system does not provide reasonable assurance of confidentiality, so that the consent is ‘informed’…”

In Op. 1020, which was handed down in September, the issue addressed was whether “a lawyer representing a party to a transaction (may) use a cloud-based technology so as to post documents and share them with others involved in the transaction.” The committee reached the same conclusion as it did in Op. 1019: “Whether a lawyer for a party in a transaction may post and share documents using a ‘cloud’ data storage tool depends on whether the particular technology employed provides reasonable protection to confidential client information and, if not, whether the lawyer obtains informed consent from the client after advising the client of the relevant risks.”

Importantly, in reaching its decision, the committee noted that lawyers have a duty to stay abreast of changes in technology explaining that the “use of electronically stored information may not only require reasonable care to protect that information under Rule 1.6, but may also, under Rule 1.1, require the competence to determine and follow a set of steps that will constitute such reasonable care.”

By way of example, the committee explained in a footnote that “the duty of competence may require litigators, depending on circumstances, to possess a basic or even a more refined understanding of electronically stored information.”

So, once again, New York leads the way when it comes to the ethics of the use of technology by lawyers. In this case, the Committee on Professional Ethics offered two well-reasoned opinions centered around elastic standards that will undoubtedly withstand the tests of time.

Nicole Black is a Rochester, New York attorney and Director of Business Development and Community Relations at MyCase, intuitive web-based law practice management software for the modern law firm. She is also a GigaOM Pro Analyst and is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a West-Thomson treatise. She is the founder of lawtechTalk.com and speaks regularly at conferences regarding the intersection of law and technology. She publishes four legal blogs and can bereached at niki@mycase.com.


Criminal and privacy implications of drones

Stacked3This week's Daily Record column is entitled "Criminal and privacy implications of drones."  My past Daily Record articles can be accessed here.

***** 

Criminal, privacy implications of drones

Every summer I work on the annual update for the book that I co-author with Judge Karen Morris: Criminal Law in New York. As part of my responsibilities, I review all of the cases about the substantive elements of the crimes to which I’ve been assigned and then write about the implications of the newest holdings.

Of course technology has had an impact on New York’s Penal Law and is discussed in the cases about which I write. Oftentimes, the effects of technology are found in cases addressing aggravated harassment, criminal contempt, or crimes related to privacy rights such as unlawful surveillance. Not surprisingly, as someone who regularly writes about the intersection of law and technology, I am always particularly interested when technological advancements impact criminal law.

That’s why I was so intrigued by a recent news story about the legality of a man’s actions in shooting down a privately-owned drone that was hovering over his property. The drone was owned by his neighbor, who had purportedly flown it over the property with the goal of filming new construction that was occurring on the property.

Interestingly, New Jersey police charged the man who shot the drone with possession of a weapon for an unlawful purpose and criminal mischief. Certainly he damaged property that didn’t belong to him, but the drone that he damaged was being used to, in essence, spy on people and activities occurring on his land. So although he was certainly at fault, there were also privacy issues that were not addressed that were triggered by the use of the drone to obtain views of people and places that would not otherwise be possible absent the use of the drone.

This issue has already cropped up a number of times this year, including reports this summer of people using drones on beaches to obtain up close and personal views of women sunbathers, much to the consternation of said women. In most cases, the Penal Law has yet to be revised to address this type of privacy violation, although in New York, there have been a number of revisions to the Penal Law to address other types of privacy violations made possible through the use of new surveillance technologies.

For example, New York Penal Law Article 240 has been amended and interpreted in recent years to include communications made using the Internet and cellphones. Likewise, Penal Law Article 250 has been substantially revised to include unlawful surveillance occurring through the use of new and sophisticated technologies and now includes:

250.05 Eavesdropping. (E FELONY)
250.10 Possession of eavesdropping devices. (A MISD)
250.15 Failure to report wiretapping. (B MISD)
250.20 Divulging an eavesdropping warrant. (A MISD)

250.25 Tampering with private communications. (B MISD)
250.30 Unlawfully obtaining communications information. (A MISD)
250.35 Failing to report criminal communications. (B MISD)
250.45 Unlawful surveillance in the second degree. (E FELONY)
250.50 Unlawful surveillance in the first degree. (D FELONY)
250.55 Dissemination of an unlawful surveillance image in the second degree. (A MISD)
250.60 Dissemination of an unlawful surveillance image in the first degree. (E FELONY)

Clearly, the Penal Law recognizes the need to protect people from the increasing ability to capture and disseminate information intended to be kept private—and information that would have stayed private but for the use of sophisticated technologies. Unfortunately the Penal Law has not yet caught up with the use of drones for this purpose, which is undoubtedly why the New Jersey man who shot the drone was charged with crimes, while his neighbor was not.

Certainly the wiser course of action would have been to call the police as opposed to destroying the drone with a gun. But even so, the case raises some interesting questions about the future of privacy and the use of drones for surveillance purposes by both private individuals and governmental entities. Only time will tell how our legislators will react to the increasing use of drones for surveillance purposes. Let’s hope they enact measures designed to limit this type of invasive, unauthorized surveillance because privacy rights are more important than ever in today’s highly technologically advanced world.

Nicole Black is a Rochester, New York attorney and Director of Business Development and Community Relations at MyCase, intuitive web-based law practice management software for the modern law firm. She is also a GigaOM Pro Analyst and is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a West-Thomson treatise. She is the founder of lawtechTalk.com and speaks regularly at conferences regarding the intersection of law and technology. She publishes four legal blogs and can bereached at niki@mycase.com.


Two U.S. judges allow service using Facebook

Stacked3This week's Daily Record column is entitled "Two U.S. judges allow service using Facebook."  My past Daily Record articles can be accessed here.

***** 

Two U.S. judges allow service using Facebook

I think by now we can all agree that social media has affected all aspects of our culture, from social interactions and communication to business processes and even the practice of law. Mining social media for evidence and researching jurors using information available online is becoming increasingly commonplace.

More lawyers than ever are using online social networks and tools for business development and marketing purposes.

Even so, social media has not yet permeated all aspects of legal practice in the United States, as I’ve discussed a number of times in the past. However, judges in other jurisdictions have permitted lawyers to serve notice of lawsuits upon opposing parties using social media, starting in December 2008 when an Australian court first allowed service via private Facebook message upon an Australian couple who had defaulted on their mortgage.

In February 2009, service was first permitted in Alberta, Canada, by publication in a newspaper, forwarding a copy of the claim to the defendant’s former employer, and by sending a notice of the action via Facebook to the defendant’s profile. In March 2009, a New Zealand court first permitted service to be effected via Facebook and email. Then in 2012, the English High Court also permitted the practice.

However, until recently, U.S. judges have not warmed to the concept. For example, in 2012, U.S. District Court judge for the Southern District of New York, John F. Keenan, in Fortunato v. Chase Bank, no. 11 Civ. 6608 (JFK), declined to permit service via Facebook.

That all changed this year when two different U.S. judges issued orders permitting service upon litigants using Facebook. First, in February 2014, U.S. Magistrate judge for the Eastern District of Virginia, Thomas Rawles Jones Jr., issued an order in Whoshere, Inc., v. Gokhan Orun d/b/a/ WhoNear; Who Near; whonear.me.

In that case, the defendant was located in Turkey. The plaintiff attempted, unsuccessfully, to serve the defendant using more traditional methods, but as the service deadline approached, requested permission to serve the defendant by: 1) email to gokhan@whonear.me; 2) email to gokhanorun@gmail.com; 3) Facebook at https://www.facebook.com/OrunGokhan; and 4) LinkedIn at http://www.linkedin/in/gokhanorum.

The court granted the request, explaining that: “The court finds that service of process through all four means of service, two email and two social networking accounts ostensibly belonging to defendant, comports with due process because it is reasonably calculated under the circumstances to provide defendant notice of this suit.”

In another case, a family court judge, Staten Island Support Magistrate Gregory Gliedman, permitted service on the plaintiff’s U.S.-based ex-wife via Facebook. The court acknowledged that the plaintiff had attempted to serve her using more traditional means and had failed because his ex-wife had moved from her prior address and had left no forwarding address. But, she had an active Facebook account.

Accordingly, the judge concluded that service via Facebook was permissible since “despite the absence of a physical address, [Biscocho] does have a means by which he can contact [Antigua] … namely the existence of a social media account …”

So there you have it: two ground breaking rulings that set the stage for a world where social media is more than just a fad — it’s part of our day-to-day lives in the real world.

So, welcome to the new world order, folks. Social media is here to stay. Learn about it and use it to your advantage when representing your clients. And, even if you don’t, I assure you, your opponents will.

Nicole Black is a Rochester, New York attorney and Director of Business Development and Community Relations at MyCase, intuitive web-based law practice management software for the modern law firm. She is also a GigaOM Pro Analyst and is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a West-Thomson treatise. She is the founder of lawtechTalk.com and speaks regularly at conferences regarding the intersection of law and technology. She publishes four legal blogs and can bereached at niki@mycase.com.

 


Pennsylvania bar on lawyers, social media, ethics

Stacked3This week's Daily Record column is entitled "Pennsylvania bar on lawyers, social media, ethics."  My past Daily Record articles can be accessed here.

***** 

Pennsylvania bar on lawyers, social media, ethics

As social media permeates our culture, its relevance to the practice of law increases. This is because social media platforms can be used by lawyers to market their law practices and can also be mined for evidence to support their clients’ cases. Of course, any type of online interaction brings with it a host of ethical considerations and that’s why ethics committees across the country have handed down an increasing number of opinions addressing the ethical issued presented when lawyers participate on social media.

The Pennsylvania Bar Association recently joined this trend when it handed down Formal Opinion 2014-300.

In this lengthy 18-page opinion, the committee addressed a host of issues related to both using social media for marketing purposes and obtaining evidence on social media. The most interesting topics considered in this opinion revolved around using social media to obtain information about witnesses or jurors.

Specifically, the committee considered the ethics of connecting with represented and unrepresented individuals for case-related purposes and also whether lawyers may use social media to research jurors.

First, the committee addressed the ethical issues presented when lawyers use social media to mine for evidence. The committee noted that its analysis turned on whether the individual the attorney was researching was represented by counsel.

The committee joined the majority of other jurisdictions on this issue, concluding that lawyers may ethically obtain information about a represented person that is publicly available online but may not attempt to connect with or “friend” that person in order to obtain information behind a privacy wall on a social network.

Next the committee turned to the topic of how a lawyer may ethically conduct online research regarding unrepresented individuals and reached a decision that comported with those issued by the majority of other jurisdictions.

The committee concluded that information publicly available was fair game, but in order to access information behind a privacy wall, lawyers or their agents must disclose the reason for their request.

The committee emphasized the importance of avoiding deception when doing so, explaining that: “(A) lawyer may not use deception to gain access to an unrepresented person’s social networking site. A lawyer may ethically request access to the site, however, by using the lawyer’s real name and by stating the lawyer’s purpose for the request. Omitting the purpose would imply that the lawyer is disinterested, contrary to Rule 4.3(a).”

The committee also considered the issue of how lawyers may ethically use online sites to research jurors. The committee concluded that it was ethically permissible to do so as long as the information was publicly available since doing so did not constitute an ex parte communication.

Interestingly, when it came to the issue of whether an ex parte communication occurred when passive notifications are sent by some social media sites, such as LinkedIn, to notify users that an individual has viewed their profile, the committee departed from the decisions issued by the New York City Bar Committee on Professional Ethics Formal Opinion 2012-2 and the New York County Lawyers Association Formal Opinion No. 743, instead agreeing with the recent conclusion of the American Bar Association as set forth in Formal Opinion 466.

The committee explained that “(t)here is no ex parte communication if the social networking website independently notifies users when the page has been viewed. Additionally, a lawyer may be required to notify the court of any evidence of juror misconduct discovered on a social networking website.”

All in all this was an instructive, comprehensive opinion that covered a wide range of issues, many of which were not addressed in this article due to space limitations. For that reason I highly recommend that you take the time to read the opinion in its entirety. An online version can be found here: www.danieljsiegel.com/Formal_2014-300.pdf .

Nicole Black is a Rochester, New York attorney and Director of Business Development and Community Relations at MyCase, intuitive web-based law practice management software for the modern law firm. She is also a GigaOM Pro Analyst and is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a West-Thomson treatise. She is the founder of lawtechTalk.com and speaks regularly at conferences regarding the intersection of law and technology. She publishes four legal blogs and can bereached at niki@mycase.com.