Confidentiality, Smart Phones and Lawyers, oh my!
March 21, 2011
A pdf of the article can be found here and my past Daily Record articles can be accessed here.
Confidentiality, Smart Phones and Lawyers, oh my!
Just like the general population, more lawyers are using mobile devices than ever before and their use of smart phones and mobile devices is increasing every year. According to the American Bar Association’s 2010 Legal Technology Survey Report, which was released in July 2010, 76% of responding lawyers reported using smart phones, up from 64% in 2009.
As reported in the survey, lawyers use their smart phones in a variety of ways, not the least of which is in the courtroom. In fact, lawyers use of smart phones while in court increased in 2010 to 71 percent from 60 percent in the 2009. And, while in court, lawyers perform a variety of function using their phones: 64 percent of respondents reported using their smart phones to check e-mail, 60 percent used their phones to send e-mail, and 46 percent perform calendaring functions on their phones.
Of course, as smart phone use increases and lawyers send, receive and store confidential client information on their mobile devices, legal ethics obligations are triggered and lawyers need to understand how to meet their ethical duties when using these devices.
Last September, the Professional Ethics Committee of the Florida bar considered this very issue in Opinion 10-2, which addressed the ethical obligations of lawyers in regard to data stored on the hard drives of “storage media”.
As defined in the opinion, “storage media” includes any media that stores digital representations of documents, including computers, printers, copiers, scanners, mobile devices such as cellular phones or personal digital assistants, flash drives, memory sticks, facsimile machines.
Importantly, the Committee emphasized that lawyers using these devices must familiarize themselves with new technologies and “have a duty to keep abreast of changes in technology to the extent that the lawyer can identify potential threats to maintaining confidentiality.”
The Committee also explained that lawyers choosing to use mobile devices and other storage media in their law practices must take reasonable steps to ensure that client confidentiality is maintained. One important part of this duty includes the obligation to identify any “potential threat(s) to confidentiality along with the development and implementation of policies to address the potential threat to confidentiality.”
The Committee noted that lawyers who use mobile devices also have a supervisory responsibility that extends to not only to the lawyer’s own employees but to “entities outside the lawyer’s firm with whom the lawyer contracts to assist in the care and maintenance of the Devices in the lawyer’s control.” Part of the lawyer’s supervisory duty requires that the lawyer obtain assurances from any nonlawyers who will have access to confidential information that confidentiality of the information will be maintained.
Interestingly, the conclusions reached by the Professional Ethics Committee of Florida regarding lawyers use of mobile technologies mirror the conclusions reached by the New York State Bar Association’s Committee on Professional Ethics in Opinion 842, also issued in September 2010, which addressed the ethical obligations of lawyers who choose to store confidential client information online using cloud computing services.
In Opinion 842, the Committee concluded that: “A lawyer may use an online data storage system to store and back up client confidential information provided that the lawyer takes reasonable care to ensure that confidentiality will be maintained in a manner consistent with the lawyer’s obligations under Rule 1.6. In addition, the lawyer should stay abreast of technological advances to ensure that the storage system remains sufficiently advanced to protect the client’s information, and should monitor the changing law of privilege to ensure that storing the information online will not cause loss or waiver of any privilege.” The Committee also noted that lawyers must ensure that their cloud provider has an enforceable obligation to preserve confidentiality and security.
Mobile devices and cloud computing are becoming ubiquitous in our culture and it is increasingly difficult to avoid the use of these technologies in one’s law practice. As a result, ethics committees across the country are wisely requiring lawyers keep up to date regarding new technologies in order to comport with their ethical duties to maintain client confidentiality.
The ethics committees are facing reality and so should you. Don’t turn a blind eye to technology; learn about and embrace emerging technologies. You owe it to yourself, your practice, and your clients.
Great piece! The reality is that learning and working with technology can go a long way toward dramatically improving the confidentiality and security of client information. However, sometimes it seems as though technology - even technology that's been used successfully by business for a long time - is given an unwarranted presumption of insecurity. At the same time, "old school" methods (like paper files, filing cabinets, shared offices) don't draw as much scrutiny when, as a practical matter, they can be far less secure. These days, it almost feels as though an attorney not utilizing available technology should have the burden of proving her reasonable care; not vice-versa.
Posted by: Mike | March 21, 2011 at 03:13 PM