Category Archives: Attorney Ethics & Social Media

There really IS a new tech duty

Ethics tiles

For ages, lawyers have been able to stick their head in the sand about technology. At the very least, we’ve been able to push the problems to the another part of the sandbox. If the copier jammed, we’d shout for our secretary and leave it to her to fix (and in was usually a “her” in those days). If our computer locked up, we’d shout for the IT guy and we’d expect it to be up and running when we were back from lunch (and it was usually a “him” in those days). But technologies today are different and they are causing new duties to be created for lawyers.

For instance, the disciplinary authorities know that technology like cloud storage is prevalent these days. They also understand that the dangers inherent in using those new technologies are severe. As a result, a new duty applies to lawyers who use the cloud.

For some time I’ve been shouting that there exists a duty to understand technology. I’m not talking about understanding the law regarding technology. I mean a duty to understand the underlying technology itself. Granted, one might argue that there isn’t a separate duty in that regard and that it’s really just a subset of the duty of competence (Rule 1.1). To that I reply, “toe-may-to, toe-mah-to.” I don’t care how it fits into the rules, the bottom line is that it’s there and a recent ethics opinion in Alaska proves it’s existence. See Alaska Bar Association Ethics Opinion No. 2014-3.

On page 3, the authors state, “A lawyer engaged in cloud computing must have a basic understanding of the technology used and must keep abreast of changes in technology…Technological changes, the regulatory framework, and privacy laws are all matters requiring the lawyer’s attention.”

Thus, if you want to use technology, you must understand that technology. YOU must understand it. Not just your secretary or the IT guy/gal. You, individually, must understand the underlying technology.

For the ethics geeks like me, you aren’t surprised that this text is in the Alaska opinion. Heck, we’ve seen this in several opinions recently. But there are a bunch of you out there who didn’t believe me when I told you this at some of my CLE seminars. So, I guess what I’m really saying in this post is….“Told you so.”

Share

If this guy were a lawyer, he’d have a problem…

I’ve often mentioned an interesting quirk in Rule 7.1– that’s the rule in the advertising section of the code that prohibits false or misleading statements about ourselves or our services.  Most people think that the clause only applies to ads, since it’s located around all of the other advertising rules.  However, it’s much broader.

Rule 7.1 prohibits false or misleading misrepresentations about ourselves or our services at any time and in any forum– that means whenever  we talk about ourselves.  Crime Writer RJ Ellroy would have a problem with this rule, if he were a lawyer.

It appears that Mr. Ellroy posted bogus reviews of his own novel on Amazon.com (see the article here).  My gut tells me that if a lawyer did that, they’d have a problem.  Imagine if a lawyer found their own listing online somewhere and planted fake testimonials– they’d most likely be making the type of misleading statement that violates Rule 7.1.

That’s a good example of the wide breadth of the rule. RJ Ellroy will likely be subject to public scorn, but if he were a lawyer he’d also be subject to discipline.

Share

Confidentiality: The ABA’s Changes

Last week the ABA made an important change to Rule 1.6, “Confidentiality.”  On its face, the change doesn’t seem like much—the drafters added a new section 1.6(c) which states, “A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.”

That doesn’t seem like such a big deal, especially since the sentiment already existed in the commentary to the rules.  The need to safeguard our clients’ information was already stated in a slightly different form in Comment [16] to Rule 1.6.  And why shouldn’t it be—isn’t it an obvious point?  So why would the drafters simply take language that already existed in the commentary, tweak it, and move it to the rule itself?  It’s about addressing technology head on.

Lawyers are increasingly using new technologies like cloud storage sites and software as a service (SaaS) to store client data.  While helpful, the obvious risk of using these sites is that there is a potential for disclosing information.  Plus, this isn’t just about could-computing or websites, it’s about using any new technology, whether it be mobile storage devices, unencrypted wireless routers, iPads, etc.  The more we use these technologies, there more opportunities we have to reveal client information.  The drafters must have believed that the more frequent use of these types of technologies demands an increased emphasis on the need to protect client information.  Thus, by expanding the language and moving it to the actual text of the rule, the drafters are telling the bar that this issue is no longer just commentary, or “secondary guidance.” Now it’s a primary duty.

So now we know that before we use new technologies we have a duty to make reasonable efforts to prevent the release of information relating to the client.  But what does that mean? How do you know if the efforts you used were actually “reasonable?”  More on that in the next post…

Share

ABA Adopts New Ethics Rules!

A few days ago the ABA adopted amendments to the Model Rules of Professional Conduct. Many of these amendments were a response to issues regarding social media, but not entirely.  Over the next week I’ll be reviewing the rules and blogging about what the changes mean.

You can find all of the new rules here:

http://www.americanbar.org/content/dam/aba/administrative/ethics_2020/20120808_house_action_compilation_redline_105a-f.authcheckdam.pdf

 

IMPORTANT NOTE:  Remember, these rule changes only amend the ABA’s Model Code.  Each individual state must now determine which, if any, amendments they want to include in their own codes. That process will obviously take some time, given the requirement for debate, public comment, etc.

 

 

 

 

 

Share

Dear Law Students: Clean it Up

I’ve been speaking with a bunch of law students lately and I thought I’d share the unsolicited advice that I’ve been dispensing. It’s never too early to clean up your Facebook page.

We all know the types of photos being posted on social media.  Sure, as we get older we get a little tamer, but our lives are littered with bad decisions that were memorialized on social media.  While we can’t erase our past entirely, we can make an effort to clean things up a bit.  The reasons are clear.

First, I hope we all know that checking social media pages prior to making employment decisions is a way of life for employers of all kinds.  And we should all realize that we can’t hide behind fake names– our prospective employers know that many students open Facebook pages using alternate names and they’re starting to ask questions.

Also, keep in mind that searching our Facebook pages is being institutionalized.  In 2009 the Florida Board of Bar Examiners adopted a policy of searching applicants’ personal social networking websites in select situations, such as cases where there are significant candor concerns. Don’t be surprised if other states adopt this policy as well.

Be careful– there may be times where cleaning up our Facebook pages is improper.  For instance, I don’t think it would ethically proper to change your website in response to an inquiry about your social media page.  On the other hand, I don’t think there would be anything wrong with proactively cleaning up your page, in the absence of any inquiry.

Given the times we live in, it appears that it would be wise for law students to give consideration to cleaning things up, like, yesterday.

Share

Groupon use…what a mess.

Did you know that Alabama lawyers can’t advertise with Groupon?  It’s true– there’s even an ethics opinion on it.South Carolina lawyers may be able to use it, but they have to use a truckload of caution– so says this opinion.

One thing that’s apparent is that when we’re facing ethical issues surrounding new technology there’s an increased need for us to do our own interpreting of the ethics rules.  Rarely do jurisdictions have an opinion on point, so we have to review other states’ opinions and draw our own conclusions about how to behave.  Unfortunately, those opinions often vary (like with the Groupon issue) so we’re forced to be our own individual ethics boards.

Share

Any Hope for a Uniform Ethics Code? Nope.

Dear naive people who dream of one day living in a world where every lawyer lives under a single ethics code.  Here’s yet another sign that you’re never going to experience the nirvana you desire. 

A bit much?  Of course, but that’s how I roll.

Last week the ABA’s Commission on Ethics 20/20 sent a report to the group’s House of Delegates in which they recommended various changes to the Model Rules of Professional Conduct (I’ll be blogging about those details plenty, so check back).  In the Introduction and Overview, they made it clear that this arm of the ABA did not intend to advocate a uniform, country-wide ethics code. They said,


“Some commentators have
suggested that state-based judicial regulation of the profession is unworkable in the modern environment. The Commission concluded, as did the [Multi-Jurisdictional Practice] Commission before it, that those advocating for a departure from state-based judicial regulation of the legal profession in the U.S. had not made their case and, indeed, that there remain strong reasons to maintain our state-based system of judicial regulation”
(footnotes omitted).

Get used to it, campers…state-to-state nuances are here to stay.  Oh, be honest…you knew it would be that way!

Share

Wireless Networks? um…NO. Future Technologies? Maybe.

Sometimes finding free Wi-Fi feels like finding buried treasure.  A laptop user who finds free Wi-Fi in a coffee shop is comparable to a deep sea diver who finds a tank of oxygen.  However there is a downside– many of those networks are unsecured and vulnerable to being compromised.  That poses a problem for attorneys because our client’s confidential information may be exposed if we use an unsecured wireless network to perform work on their behalf.  The question then becomes, are lawyers permitted to use unsecured wireless networks to do client work?

The issue of course, is confidentiality because an unsecured wireless network is easily accessed by hackers.  The concept of competence is also in question because comments [16] and [17] of Rule 1.1 (“Competence”) remind lawyers that we must, “act competently to safeguard information…against …unauthorized disclosure” and that when transmitting a communication we must, “take reasonable precautions to prevent the information from coming into the hands of unintended recipients.”  California tackled the question directly in Formal Opinion No. 2010-179.

The Committee said that lawyers should not use unsecured wireless connections when working on client matters.  The opinion states,

“With regard to the use of a public wireless connection, the Committee believes that, due to the lack of security features provided in most public wireless access locations, Attorney risks violating his duties of confidentiality and competence in using the wireless connection at the coffee shop to work on Client’s matter unless he takes appropriate precautions, such as using a combination of file encryption, encryption of wireless transmissions and a personal firewall. [FN omitted]  Depending on the sensitivity of the matter, Attorney may need to avoid using the public wireless connection entirely or notify Client of possible risks attendant to his use of the public wireless connection, including potential disclosure of confidential information and possible waiver of attorney-client privilege or work product protections, and seek her informed consent to do so. [FN omitted]

Finally, if Attorney’s personal wireless system has been configured with appropriate security features[FN omitted] the Committee does not believe that Attorney would violate his duties of confidentiality and competence by working on Client’s matter at home. Otherwise, Attorney may need to notify Client of the risks and seek her informed consent, as with the public wireless connection.”

The Takeaway: If your jurisdiction agrees with California, you can’t use wireless networks for client matters (unless you take the recommended precautions, none of which are practical/realistic).  Even if your state hasn’t stated that they agree with California it’s probably a good idea to abide by their direction anyway.  After all, the only way you’ll know your state’s position for sure is when the Bar finally acts, either because they were asked to opine on the subject or they are disciplining someone.   The question I ask myself is…do I want to be that person who “makes the law” by being the first person to be disciplined?

I love this opinion for another reason—the opinion listed 6 factors that an attorney should consider when evaluating new technologies.  Those factors could be helpful to attorneys everywhere when evaluating whether they could use new systems in the future.  Here are the factors (but I encourage you to read the opinion because they’re explained more fully and it makes better sense after you read that text).

1- An attorney’s ability to assess the level of security afforded by the technology, including (i) how the technology differs from other media use (ii) whether reasonable restrictions may be taken when using the technology to increase the level of security and (iii) Limitations on who is permitted to monitor the use of the technology to what extend and on what grounds.

2- Legal ramifications to third parties of intercepting the information

3- The degree of sensitivity of the information

4- The possible impact on the client of an inadvertent disclosure

5- The urgency of the situation

6- Client instructions and circumstances

The Takeaway: As time goes by, lawyers will find themselves wondering whether they can ethically use new technologies and California’s Opinion will help provide that answer.  The opinion provides these “technology permissibility factors” (my term) that a lawyer could use to evaluate the permissibility of those new technologies.

Granted, the California Opinion may not be binding in your jurisdiction, but it wouldn’t be such a bad idea to consider the factors when you find yourself in a pickle in the absence of a direct ruling from your home jurisdiction.  Consider how a disciplinary board would react if you were faced with a new technology, but before using it you evaluated the California “technology permissibility factors” and wrote a memo to the file detailing your analysis.  I would expect that a disciplinary board would look favorably upon you in a hearing situation.

Share