Think before you post to social media lest you face 6-month suspension
Sign of the Times: New York To Require Cybersecurity CLE Credits

New York on the Ethics of Sharing Phone Contacts With Mobile Apps

Stacked3Here is a recent Daily Record column. My past Daily Record articles can be accessed here.


New York on the Ethics of Sharing Phone Contacts With Mobile Apps

It’s hard to believe that it’s been fifteen years since the iPhone was released. A lot has changed during that time, not the least of which is the number of lawyers who use smartphones, with the vast majority of attorneys now owning smartphones in 2022. Many also regularly download many different apps onto their mobile devices, which isn’t surprising since the apps are oftentimes what make our mobile devices truly useful.

Unfortunately, mobile apps can also present ethical issues for lawyers, especially when it comes to the types of information collected by an app. For example, some apps require access to all of the contact data stored on your mobile device. Because so many lawyers store client contact information on their phones, consenting to disclose that information can trigger ethics regulations.

This very issue was recently addressed in New York Ethics Opinion 1240. In this case, handed down in April, the Committee on Professional Ethics considered whether it’s ethical for lawyers who store current, former, or prospective client contact information on their phones to consent to share their contacts with a smartphone app.

At the outset, the Committee addressed the ways that contact data can be exploited after being shared with an app: “Social media apps may…establish links between users…(or) sell products or services may seek such access to promote additional sales…(or) disseminate…(political) views.”

Next, the Committee confirmed that the names of clients can amount to confidential information, as can the existence of a client contact on a lawyer’s mobile device. The Committee explained that “(a) contact could be confidential because it reflects the existence of a client-attorney relationship which the client requested not be disclosed or which, based upon particular facts and circumstances, would be likely to be embarrassing or detrimental to the client if disclosed.”

According to the Committee, “a client is more likely to find that disclosure of the fact of a current or prior representation by a lawyer is embarrassing or detrimental where the representation involves or involved criminal law, bankruptcy, debt collection or family law.”

For that reason, lawyers must make “reasonable efforts to prevent the unauthorized access of others to those names, whether stored as a paper copy in a filing cabinet, on a smartphone, or in any other electronic or paper form.”

Therefore, before downloading an app that requires access to contacts on the phone, lawyers must “determine whether any contact – even one – is confidential within the meaning of Rule 1.6(a).”

There are a number of factors that should be considered when assessing the confidentiality of a client contact. First, determine whether “the contact information identifies the smartphone owner as an attorney, or more specifically identifies the attorney’s area of practice (such as criminal law, bankruptcy law, debt collection law, or family law).” Another issue to think about is whether the contact data on the phone specifies that the person is a client, as opposed to a friend or family member. Finally, consider the other types of personal information included in a contact, such as email addresses, residence or work addresses, the names of family members, financial data, or other information not readily available in the public realm.

The Committee concluded that if, after making that assessment, a lawyer found that the contact information included confidential client information, “the lawyer may not consent to share contacts with a smartphone app unless the lawyer concludes that no human being will view that confidential information and that the information will not be sold or transferred to additional third parties, without the client’s consent.”

In other words, if you choose to store client contact information on your mobile device, tread lightly when downloading apps. If an app requires access to contact data, think twice lest you open up a can of worms that could lead to client embarrassment, a disciplinary complaint, or even the loss of your law license. As I always say, better safe than sorry.

Nicole Black is a Rochester, New York attorney, author, journalist, and the head of SME and External Education at MyCase  law practice management software for small law firms. She is the author of the ABA book Cloud Computing for Lawyers, co-authors the ABA book Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York, a Thomson Reuters treatise. She writes legal technology columns for Above the Law and ABA Journal and speaks regularly at conferences regarding the intersection of law and technology. You can follow her on Twitter at @nikiblack or email her at [email protected].