Previous month:
July 2021
Next month:
February 2023

New York Bar on Whether Lawyer YouTube Videos Constitute Advertising

Stacked3Here is a recent Daily Record column. My past Daily Record articles can be accessed here.

*****

New York Bar on Whether Lawyer YouTube Videos Constitute Advertising

Lawyers have been advertising online for more than two decades. As technology evolves, the methods of online advertising also change. New social media platforms are launched, and the features of existing sites are regularly modified. 

Because the online world is ever-changing, it can sometimes be difficult for lawyers to navigate the ethical issues that arise when engaging online, especially when it comes to attorney advertising. Some interactions can be deemed personal, while others are professional. And, not all professional interactions necessarily equate to attorney advertising. 

As a result, it can sometimes be difficult to determine whether attorney advertising rules apply. Fortunately, bar association ethics committees regularly issue opinions as to which online interactions constitute attorney advertising and thus require the appropriate disclaimers.

For example, last week, the New York State Bar Association Committee on Professional Ethics handed down Ethics Opinion 1251, which focused on whether educational YouTube videos released by lawyers constitute lawyer advertising.

At the outset, the Committee confirmed that lawyers are permitted to educate the public on legal topics, and that, generally speaking, doing so does not constitute attorney advertising: “It is not unethical for a lawyer to write articles, give lectures, or write a blog about topics of general or specific interest, including the law.”

The Committee then turned to educational YouTube videos, likening them to law firm newsletters. It explained that the application of a three-prong test previously established to determine whether newsletters constituted advertising was appropriate in the context of analyzing the content of attorney YouTube videos. That test required an assessment of “the content of the communication, the intent (purpose) of the communication, and the targeted audience of the communication.” 

Next, the Committee provided examples of educational YouTube content that would not require an attorney advertising disclaimer: “To the extent that the YouTube videos provide general legal information for the public about ‘being a lawyer in the U.S.’ and ‘work-life balance,’ the videos would not constitute advertising.”

In comparison, as the Committee explained, videos focused on promotional news about the lawyer or law firm fall under the ambit of lawyer advertising: “To the extent, however, that the YouTube videos include information and news about the lawyer and her law practice for the primary purpose of retention of the inquirer, they would constitute advertising.”

The Committee also provided clarification regarding other ethical issues that may arise even when the YouTube channel and videos do not amount to attorney advertising. 

First, the Committee advised that “publishing and linking the inquirer’s name and contact information with the channel will not, in and of itself, push the content of the videos across the line into advertising.”

Second, the Committee advised lawyers to tread with caution when responding to any comments to the videos and provide only general information rather than individual legal advice in order to avoid the risk of inadvertently creating an attorney-client relationship.

Finally, the remaining issue addressed related to the possibility that a law firm might link to the YouTube channel or video from the firm’s website or other types of online firm advertisements. According to the Committee, in that situation, it may be appropriate to label the videos as lawyer advertising. 

This opinion provides lots of helpful advice, so I would suggest you read it in its entirety, especially if you’re licensed to practice in New York. If you’re a New York lawyer, should your firm choose to use YouTube or other video platforms to share educational videos, make sure to follow the guidance from this opinion. Finally, if you’re still unsure whether an attorney advertising disclaimer is required, I would suggest you include it. As I always say, better safe than sorry.

Nicole Black is a Rochester, New York attorney, author, journalist, and the head of SME and External Education at MyCase  law practice management software for small law firms. She is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a Thomson Reuters treatise. She writes legal technology columns for Above the Law and ABA Journal and speaks regularly at conferences regarding the intersection of law and technology. You can follow her on Twitter at @nikiblack or email her at [email protected].


Pennsylvania on the ethics of using smartphones for client data storage

Stacked3Here is a recent Daily Record column. My past Daily Record articles can be accessed here.

*****

Pennsylvania on the ethics of using smartphones for client data storage

These days most lawyers use smartphones for work-related reasons. Smartphone use has become so common that according to the ABA’s 2022 Legal Technology Report, 81% of lawyers surveyed reported that they used smartphones in the courtroom.

Of course, whenever lawyers use technology, security and ethical risks must be considered, and smartphones are no exception. Fortunately, state ethics bars are rising to the occasion and providing guidance for lawyers who store confidential client contact information on their mobile devices.

For example, a few months ago I wrote about New York Ethics Opinion 1240. In this case, handed down in April, the Committee on Professional Ethics considered whether it’s ethical for lawyers who store current, former, or prospective client contact information on their phones to consent to share their contacts with a smartphone app.

The Committee concluded that if a lawyer found that the contact information included confidential client information, “the lawyer may not consent to share contacts with a smartphone app unless the lawyer concludes that no human being will view that confidential information and that the information will not be sold or transferred to additional third parties, without the client’s consent.”

More recently, Pennsylvania Bar Association Committee on Legal Ethics and Professional Responsibility addressed a similar issue. In Formal Opinion 2022-500, the Committee considered the ethical considerations that arise when lawyers store client information on a smartphone.

The Committee agreed, in part, with the conclusions reached by the New York committee relating to client contact information stored on mobile devices, but expanded its focus to also address issues concerning others types of confidential information stored on smartphones.

The Committee explained that the Pennsylvania Rule of Professional Conduct 1.6, which addresses client confidentiality, differs from New York’s Rule and precludes a lawyer from revealing “information relating to representation of client,” a concept that encompasses a broader range of data than the New York Rule.

As a result, the Committee determined that if a lawyer’s smartphone contains information relating to client representation, “then the lawyer may not consent to share the information with a smartphone app unless the lawyer concludes that no human being will view that information, and that the information will not be sold or transferred to additional third parties, without the client’s consent.”

Precautions lawyers must take to protect confidential client information governed by Pa.R.P.C. 1.6. In some circumstances, this may include declining to give certain permissions to certain apps, avoid installing certain apps, or choosing not to store confidential information on their smartphones.

The Committee provided the following guidance for lawyers seeking to comport with their ethical obligations to maintain client confidentiality when using mobile devices and interactign online:

• When possible, do not store Rule 1.6 information on smartphones.
• Limit the ability of apps to access data, such as contacts, calendars, photographs, camera, microphone, location, files and more. While lawyers have an ethical obligation to do so, it also makes sense to limit the access of apps as much as feasible to protect the privacy of clients and lawyers.
• Android and Apple make it relatively easy to determine which apps access which types of data. For Apple users, check and set permissions by going to Settings > Privacy. For
Android users, check and set permissions by going to Settings > Apps > tap the App >
Permissions. The manufacturers also provide guidance on their websites.
• Minimize risks by not oversharing on social media.
• Keep device software up to date.
• Use a device passcode.
• Use a password manager.
• Enable Multifactor Authentication (MFA) when available.
• Always check and set app permissions to bar or minimize exposure of extraneous data to apps while retaining their functionality.

The guidance offered in both opinions is useful regardless of whether you’re licensed in those jurisdictions. This is especially so if your jurisdiction has not yet weighed in on these ethical issues.

The bottom line: take care whenever you interact online and when storing confidential client data on your mobile devices. Think before you type, and carefully consider whether to share client-related data, including contact information, with any apps that you download.

Nicole Black is a Rochester, New York attorney, author, journalist, and the head of SME and External Education at MyCase  law practice management software for small law firms. She is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a Thomson Reuters treatise. She writes legal technology columns for Above the Law and ABA Journal and speaks regularly at conferences regarding the intersection of law and technology. You can follow her on Twitter at @nikiblack or email her at [email protected].


Pennsylvania Provides Further Guidance on Secure Client Communication

Stacked3Here is a recent Daily Record column. My past Daily Record articles can be accessed here.

*****

Pennsylvania Provides Further Guidance on Secure Client Communication

Are you still using email to communicate with your clients about confidential matters? If so, you might want to re-think that approach. Because when it comes to secure communication, the tide is most decidedly turning.

For many years there were rumblings of security issues with email in earlier opinions, and in 2017 the American Bar Association weighed in more definitively when it issued Opinion 477R. In that opinion, the ethics committee concluded that lawyers should avoid using unencrypted email when discussing particularly sensitive matters. Then, during the early days of the pandemic, both Pennsylvania (Formal Opinion 2020-300) and Wisconsin (Formal Ethics Opinion EF-21- 02) ethics committees referenced the ABA opinion’s conclusion and adopted its basic premise regarding secure communication in the context of providing ethical guidance for remote work.

Fast forward to 2022, and the Pennsylvania Bar Association has issued yet another helpful opinion that offers further guidance on the obligation of lawyers when communicating with clients using unencrypted email. In Formal Opinion 2022-400, the Pennsylvania Bar Association Committee on Legal Ethics and Professional Responsibility considered the ethical obligations of attorneys when “transmitting information relating to the representation of a client to clients, opposing counsel, judges, and others.”

The Committee reviewed the ethical obligations triggered when lawyers communicate with clients along with the conclusions reached in other jurisdictions related to secure electronic communications. The Committee ultimately determined that in some situations, it is ethically permissible for attorneys to communicate about clients for work-related purposes using unencrypted email.

However, the Committee concluded that prior to doing so should, lawyers should, on a case-by-case basis, evaluate the benefits and risks associated when using unencrypted email given the nature of the information that will be discussed. Attorneys must discuss the risks and benefits of unencrypted communication with their clients, and if the risks outweigh the benefits, compliance with competence requirements may necessitate the use of more secure methods for communication.

According to the Committee, certain information should never be sent using unencrypted email, such as when a client has requested maximum security for certain information or when highly sensitive materials are being discussed or shared. The Committee also provided valuable guidance to help lawyers determine whether unencrypted email is the most appropriate method for a particular communication.

The Committee explained that lawyers should:

Whenever possible, avoid transmitting files containing information relating to the representation of a client as email attachments
Consider using “Encrypt & Prevent Forwarding” features if available
Advise clients not to forward emails or memos to third parties.
Encrypt communications or use passwords for attachments containing client-related information
Reduce the likelihood of unauthorized access by using a central file-sharing portal, cloud storage provider, or similar service
Consider using a client portal to eliminate the need to attach files to email and or use an end-to-end encrypted email service.

The easiest way to protect confidential client information when communicating electronically is to use a secure client portal built for law firms, like the ones built into law practice management software. By doing so, you avoid the hassle of assessing security risks on a case-by-case and email-by-email basis.

Encrypted email can be difficult to set up and often requires the assistance of an IT expert. In comparison, client portals are built into user-friendly software, and no IT assistance is needed to set them up.

Secure client communication portals provide an encrypted tunnel that protects client data and solves the problem of scattered communications. All client portal messages are stored in a secure, centralized online location that is easily accessible 24/7. All messages are connected with the appropriate case file, and your client’s confidential information is protected from prying eyes.

If your law firm is still using unencrypted email to discuss confidential client issues and has not yet transitioned to a more secure communication method, there’s no time like the present to make that change. The writing is on the wall: unencrypted email is an outmoded and ethically questionable way to communicate about client matters. Make the switch to an encrypted form of electronic communication today, and rest easy knowing that your law license, and your client’s data, are protected.

Nicole Black is a Rochester, New York attorney, author, journalist, and Senior Director of SME and External Education at MyCase legal practice management software. She is the nationally-recognized author of "Cloud Computing for Lawyers" (2012) and co-authors "Social Media for Lawyers: The Next Frontier" (2010), both published by the American Bar Association. She also co-authors "Criminal Law in New York," a Thomson Reuters treatise. She writes regular columns for Above the Law, ABA Journal, and The Daily Record, has authored hundreds of articles for other publications, and regularly speaks at conferences regarding the intersection of law and emerging technologies. She is an ABA Legal Rebel, and is listed on the Fastcase 50 and ABA LTRC Women in Legal Tech. She can be contacted at [email protected].

 

Nicole Black is a Rochester, New York attorney, author, journalist, and the head of SME and External Education at MyCase  law practice management software for small law firms. She is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a Thomson Reuters treatise. She writes legal technology columns for Above the Law and ABA Journal and speaks regularly at conferences regarding the intersection of law and technology. You can follow her on Twitter at @nikiblack or email her at [email protected].


Wellness for Lawyers: How Technology Can Help

Stacked3Here is a recent Daily Record column. My past Daily Record articles can be accessed here.

*****

Wellness for Lawyers: How Technology Can Help

It’s been more than two long years since the onset of the pandemic, and although things seem to be slowly, steadily improving, we’re not yet in the clear. The stressors of living during this unpredictable time cannot be underestimated. Some have experienced COVID-related health scares both personally and within their close circles of family and friends. Others have endured constant low levels of stress brought on by the uncertain times in which we’ve had to exist.

For lawyers, managing stress can be challenging, and it’s not something many of us are very good at. That’s why this year’s Solo and Small Firm Conference at the Monroe County Bar Association focused on lawyer wellness, and the goal was to provide lawyers with strategies to help them address and reduce stress.

Recently, I spoke on a panel at that conference with Aleksander Nikolas and Jared Correia that focused on using IT tools for firm management and personal wellness. We each shared a variety of tips related to office productivity, wellness technology, and environmental changes that can be made to facilitate better mental and physical health.

Here are some of our top tips from each category. First, let’s tackle productivity. Jared emphasized the value of developing productivity systems and provided several different examples. The first is the OHIO method for email management, or “Only Handle It Once,” which means you either act on it, file it, or delete it. Other systemic solutions that he recommended considering are “Getting Things Done” (GTD), the Checklist Manifesto, the Pomodoro method, and Eat the Frog (do least desirable tasks first).

Other advice he offered related to technology choices and included going paperless and using document management tools, and taking advantage of time-tracking and calendaring tools to ensure productivity in your firm. Finally, he strongly suggested that lawyers learn to delegate, avoid multi-tasking, turn off email notifications, and set aside a specific time each day to review emails.

Next up was wellness technology, which was my category. I recommended that attendees check out several wellness mobile apps for meditation, including Calm, Headspace, and Stoic. I also explained how SmartWatches are an excellent tool for tracking and maintaining wellness since they typically include physical activity trackers, meditation, breathing and sleep-tracking apps, built-in features that protect hearing, and monitor and store other health-related data as well.

I also discussed the health-related benefits of Smart Assistants like Amazon’s Alexa. Using this technology, you can play relaxing music, launch meditation apps, and listen to sleep sounds, white noise, or positive affirmations such as my favorite, the Seneca daily quote.

Last but not least, Aleks discussed steps lawyers could take to improve their work environment. One of the topics he covered was office technology and equipment. He provided a list of resources that offer buying guides to assist in understanding the difference between marketing language and valuable features for technology products.

He recommended two sites for technology features and terminology explanations: https://www.newegg.com/insider/category/buying-guides/ and
https://www.neweggbusiness.com/smartbuyer/.

To monitor buying information, he suggested this website:
https://www.tomshardware.com/reviews/monitor-buying-guide,5699.html. And for laptop purchases, he pointed lawyers to these websites:
https://www.wired.com/story/how-to-buy-the-right-laptop-for-you/ and
https://www.neweggbusiness.com/smartbuyer/buying-guides/choosing-a-laptop-for-business-a-guide-to-brands-and-categories/.

He explained that if you’re in the market for new technology for your law office, those resources are a great place to start, but that you should always start your research by searching for updated guides since the latest models with new features are constantly being released.

At the close of the presentation, we emphasized that wellness results from the choices you make on a daily basis and that there’s no time like the present to start making better choices that lead to better health. With that, we ended our talk with this apropos Dr. Suess quote that’s worth mulling over: “Step with great care and great tact, and remember that life’s a great balancing act.”

Nicole Black is a Rochester, New York attorney, author, journalist, and the head of SME and External Education at MyCase  law practice management software for small law firms. She is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a Thomson Reuters treatise. She writes legal technology columns for Above the Law and ABA Journal and speaks regularly at conferences regarding the intersection of law and technology. You can follow her on Twitter at @nikiblack or email her at [email protected].


Technology Competence Requires Ethical Compliance During Remote Proceedings

Stacked3Here is a recent Daily Record column. My past Daily Record articles can be accessed here.

*****

Technology Competence Requires Ethical Compliance During Remote Proceedings

With new COVID-19 variants popping up left and right, we face renewed uncertainty about the pandemic and the near future. As a result, many law firms continue to allow remote work, and some legal proceedings are occurring virtually.

The challenging times we face highlight the importance of ensuring that not only that your law firm is as fully functional as possible when working remotely, but that lawyers and staff comply with ethical obligations even when attending online proceedings.

Part of this requirement is that lawyers maintain a duty of technology competence. Technology competence is not a new concept. There are now 40 states that have adopted this ethical requirement. The most recent one to do so was Hawaii, which revised Comment 6 to Rule 1.1 of the state’s Rules of Professional Conduct to indicate that lawyers must “keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” The revision became effective earlier this year on January 1, 2022.

As more states increasingly adopt this ethical requirement, it becomes all the more important for lawyers to have a thorough understanding of their technology competence obligation, which includes understanding their ethical duties and how they apply during remote proceedings. The failure to do so can often have significant ramifications.

Case in point: a recent State Bar of Arizona disciplinary proceeding wherein a lawyer was recently suspended for 60 days for impermissibly coaching a client by using chat features while the client was being cross-examination on a video meeting platform.

In the Matter of a Member of the State Bar of Arizona, Ryan Patrick Claridge, Bar No. 031752, it was alleged that Claridge sent chat messages to his client that “directed her to provide specific, substantive answers to specific questions that were being asked of her.”

According to the Court, when Claridge was admonished for sending the chat messages, he agreed to stop sending them but justified his actions by saying that “it would be the same as if I shook my head in the courtroom.”

The Court disagreed and imposed sanctions after concluding that his “conduct violated Arizona Supreme Court Rule 42, specifically: ER 3.4(a)(fairness to an opposing party; ER 8.4(c)(deceit); and ER 8.4(d)(conduct prejudicial to the administration of justice)...”

This conclusion makes sense. After all, virtual behavior is simply an extension of offline behavior, and coaching clients during a deposition is impermissible whether it’s done in person or electronically. In other words, the medium doesn't change the message.
When participating in a remote deposition, understanding your jurisdiction’s ethical rules is paramount. Doing so ensures that your interactions both online and offline are permissible. With that necessary foundation, you'll be in a position to assess whether your virtual conduct is, in fact, ethical.

Certainly, the online world sometimes presents situations that are not easily translated into offline conduct, but I would argue that this was not one of them. During depositions, coaching is coaching no matter the format, and doing so is unethical.

As we head into a future that will undoubtedly include increased online interaction even after the pandemic has abated, it’s all the more important to ensure that you err on the side of caution and tread lightly when interacting remotely with clients, opposing parties, their attorneys and the court. As I always say, better safe than sorry - especially when your license to practice law could be at risk.

Nicole Black is a Rochester, New York attorney, author, journalist, and the head of SME and External Education at MyCase  law practice management software for small law firms. She is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a Thomson Reuters treatise. She writes legal technology columns for Above the Law and ABA Journal and speaks regularly at conferences regarding the intersection of law and technology. You can follow her on Twitter at @nikiblack or email her at [email protected].


NYC Bar on Ethics of Copying Clients on Emails

Stacked3Here is a recent Daily Record column. My past Daily Record articles can be accessed here.

*****


NYC Bar on Ethics of Copying Clients on Emails

Lawyers have used email for decades, ever since the mid-1990s when ethics committees determined that it was permissible for lawyers to use email to communicate about case-related matters. Fast forward to 2022, and most lawyers now use email at least occasionally as part of their day-to-day practice.

However, some have begun transitioning to more secure communication methods like encrypted client portals. This switch is occurring because traditional email can be problematic for several different reasons.

For starters, it’s inherently unsecure and is the equivalent of mailing a postcard written in pencil. For that reason, as technology improves, ethics standards are changing with the times, and a number of jurisdictions have handed down opinions advising lawyers to avoid unecrypted email when discussing particularly sensitive information.

Another problem encountered when using email is that the features that allow copying (cc) or blind copying (bcc) clients, while seemingly innocuous, can present ethical issues. The NYC Bar recently opined on this practice in Formal Opinion 2022-3. At issue was whether it is ethical for lawyers to cc or bcc their clients on emails sent to other attorneys.

The Committee on Professional Ethics explained that this common practice triggers several ethical concerns: “Attorneys who copy their clients on email communications with other counsel may expose their clients to risks, including: (1) that the client will receive a direct communication from other counsel; and (2) that the client will intentionally or inadvertently reveal confidential information or waive privilege by replying to all.”

At the outset, the Committee focused on the ethical obligations of the client’s attorney in this situation. According to the Committee, attorneys who choose to copy their clients on emails to other counsel must engage in a risk-benefit analysis. The Committee explained that in litigation and other adversarial matters, the risk nearly always outweighs the benefit. Thus in those cases, lawyers should consider forwarding the email to their clients rather than copying them on the email.

In comparison, for less contentious proceedings, lawyers can copy their clients on emails with other attorneys but should consider taking the precaution of “(1) entering into an agreement with the other attorneys making clear who is to be cc’d on communications; and (2) discussing the risks of such communications with the client, advising the client to be mindful of such risks, and ensuring the client’s appreciation of the risks and agreement to proceed as contemplated.”

Next, the Committee addressed what a lawyer should do upon receiving an email from an attorney in which that attorney’s client is copied. After considering precedent from both the NYC Bar and other jurisdictions, the Committee determined that “an attorney who cc’s their own client on an email to other counsel should reasonably expect that such other counsel will use the reply all function and thus consents to the other counsel doing so within the meaning of Rule 4.2(a).” However, the Committee cautioned that “(t)his implied consent is limited, however, and must be construed reasonably under the circumstances.”

Finally, the Committee considered the receiving attorney's ethical duty when opposing counsel “bcc’s their client on an email with other counsel and the client then replies to all.” The Committee concluded that in that situation attorney of the client who has been bcc’d “has not impliedly consented, without more, to other counsel’s contacting the attorney’s client.”

If you’re a New York lawyer and are still using email to communicate with clients, take heed. Think twice before adding clients to an email. Otherwise, you risk opening up a Pandora’s box of ethical risks. I would instead suggest that a wiser route to take would be to avoid the ethical issues altogether by simply forwarding the email to your client. As I always say, better safe than sorry.

Nicole Black is a Rochester, New York attorney, author, journalist, and the Legal Technology Evangelist at MyCase legal practice management software. She is the nationally-recognized author of "Cloud Computing for Lawyers" (2012) and co-authors "Social Media for Lawyers: The Next Frontier" (2010), both published by the American Bar Association. She also co-authors "Criminal Law in New York," a Thomson Reuters treatise. She writes regular columns for Above the Law, ABA Journal, and The Daily Record, has authored hundreds of articles for other publications, and regularly speaks at conferences regarding the intersection of law and emerging technologies. She is an ABA Legal Rebel, and is listed on the Fastcase 50 and ABA LTRC Women in Legal Tech. She can be contacted at [email protected].

Nicole Black is a Rochester, New York attorney, author, journalist, and the head of SME and External Education at MyCase  law practice management software for small law firms. She is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a Thomson Reuters treatise. She writes legal technology columns for Above the Law and ABA Journal and speaks regularly at conferences regarding the intersection of law and technology. You can follow her on Twitter at @nikiblack or email her at [email protected].

 


Sign of the Times: New York To Require Cybersecurity CLE Credits

Stacked3Here is a recent Daily Record column. My past Daily Record articles can be accessed here.

*****

Sign of the Times: New York To Require Cybersecurity CLE Credits


When was the last time you attended a CLE course focused on cybersecurity issues? If you’re anything like most lawyers, chances are you’ve never taken one. But if you’re a New York lawyer, that will soon change.

For many members of the legal profession, technology adoption tends to be an afterthought, trumped by the noble cause of client representation. After all, you didn’t go to law school to learn about mobile apps and cloud computing software; your goal was to learn how to practice law.

Unfortunately, the tides of change have other plans. Over the past decade, technology has advanced at unprecedented rates. The internet has become our source of truth, and cloud computing is now the default computing system used by people - and lawyers - worldwide. Mobile devices are prolific in the legal profession, and smartphones are commonplace.

Even before COVID-19, technology was unavoidable. But after the onset of the pandemic, legal technology adoption accelerated at rates never before seen as lawyers sought to keep their firms afloat despite the social distancing requirements and unpredictability of the pandemic.

A side effect of the rapid uptick in technology use by lawyers was the significant increase in cyberattacks, including email phishing, email spoofing, malware, social engineering attacks, and brute force hacking. This was bad news for the law firms that were struggling with technology adoption and implementation and many were wholly unprepared for the frequency and variability of the attacks.

As we try to find a new normal on what may be the other side of the pandemic, cybersecurity concerns are paramount for many law firms, which is why New York’s recently enacted cybersecurity CLE requirement is so timely.

Last month, on June 10th, the Departments of the New York State Supreme Court, Appellate Division issued a Joint Order that requires that all New York attorneys complete one hour of cybersecurity continuing legal education as part of their biannual registration requirement. The Order takes effect on January 1, 2023.

The new CLE requirement encompasses two types of cybersecurity courses. Lawyers will have the option of taking a cybersecurity CLE focused on either ethics or law practice.

The ethics option covers cybersecurity, privacy, and data protection, and ethics, and “must relate to lawyers’ ethical obligations and professional responsibilities regarding the protection of electronic data and communication.”

In comparison, the training related to practicing law encompasses the “technological aspects of protecting client and law office electronic data and communication,…vetting and assessing vendors and other third parties relating to policies, protocols and practices on protecting electronic data and communication; applicable laws relating to cybersecurity (including data breach laws) and data privacy; and law office cybersecurity, privacy and data protection policies and protocols.”

So pick your poison, New York lawyers. Come January, a cybersecurity CLE is in your future. It’s simply a matter of choosing the cybersecurity category that provides the foundational knowledge that you need to maintain your already-existing ethical obligation of technology competence. No matter how you look at it, it’s a win-win situation all around.

Nicole Black is a Rochester, New York attorney, author, journalist, and the head of SME and External Education at MyCase  law practice management software for small law firms. She is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a Thomson Reuters treatise. She writes legal technology columns for Above the Law and ABA Journal and speaks regularly at conferences regarding the intersection of law and technology. You can follow her on Twitter at @nikiblack or email her at [email protected].

 


New York on the Ethics of Sharing Phone Contacts With Mobile Apps

Stacked3Here is a recent Daily Record column. My past Daily Record articles can be accessed here.

*****

New York on the Ethics of Sharing Phone Contacts With Mobile Apps

It’s hard to believe that it’s been fifteen years since the iPhone was released. A lot has changed during that time, not the least of which is the number of lawyers who use smartphones, with the vast majority of attorneys now owning smartphones in 2022. Many also regularly download many different apps onto their mobile devices, which isn’t surprising since the apps are oftentimes what make our mobile devices truly useful.

Unfortunately, mobile apps can also present ethical issues for lawyers, especially when it comes to the types of information collected by an app. For example, some apps require access to all of the contact data stored on your mobile device. Because so many lawyers store client contact information on their phones, consenting to disclose that information can trigger ethics regulations.

This very issue was recently addressed in New York Ethics Opinion 1240. In this case, handed down in April, the Committee on Professional Ethics considered whether it’s ethical for lawyers who store current, former, or prospective client contact information on their phones to consent to share their contacts with a smartphone app.

At the outset, the Committee addressed the ways that contact data can be exploited after being shared with an app: “Social media apps may…establish links between users…(or) sell products or services may seek such access to promote additional sales…(or) disseminate…(political) views.”

Next, the Committee confirmed that the names of clients can amount to confidential information, as can the existence of a client contact on a lawyer’s mobile device. The Committee explained that “(a) contact could be confidential because it reflects the existence of a client-attorney relationship which the client requested not be disclosed or which, based upon particular facts and circumstances, would be likely to be embarrassing or detrimental to the client if disclosed.”

According to the Committee, “a client is more likely to find that disclosure of the fact of a current or prior representation by a lawyer is embarrassing or detrimental where the representation involves or involved criminal law, bankruptcy, debt collection or family law.”


For that reason, lawyers must make “reasonable efforts to prevent the unauthorized access of others to those names, whether stored as a paper copy in a filing cabinet, on a smartphone, or in any other electronic or paper form.”

Therefore, before downloading an app that requires access to contacts on the phone, lawyers must “determine whether any contact – even one – is confidential within the meaning of Rule 1.6(a).”

There are a number of factors that should be considered when assessing the confidentiality of a client contact. First, determine whether “the contact information identifies the smartphone owner as an attorney, or more specifically identifies the attorney’s area of practice (such as criminal law, bankruptcy law, debt collection law, or family law).” Another issue to think about is whether the contact data on the phone specifies that the person is a client, as opposed to a friend or family member. Finally, consider the other types of personal information included in a contact, such as email addresses, residence or work addresses, the names of family members, financial data, or other information not readily available in the public realm.

The Committee concluded that if, after making that assessment, a lawyer found that the contact information included confidential client information, “the lawyer may not consent to share contacts with a smartphone app unless the lawyer concludes that no human being will view that confidential information and that the information will not be sold or transferred to additional third parties, without the client’s consent.”

In other words, if you choose to store client contact information on your mobile device, tread lightly when downloading apps. If an app requires access to contact data, think twice lest you open up a can of worms that could lead to client embarrassment, a disciplinary complaint, or even the loss of your law license. As I always say, better safe than sorry.

Nicole Black is a Rochester, New York attorney, author, journalist, and the head of SME and External Education at MyCase  law practice management software for small law firms. She is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a Thomson Reuters treatise. She writes legal technology columns for Above the Law and ABA Journal and speaks regularly at conferences regarding the intersection of law and technology. You can follow her on Twitter at @nikiblack or email her at [email protected].