The Russian war is creating problems for lawyers! 

What’s happening in the Ukraine is a tragedy. We all feel horrible about the devastation being wrought upon the Ukrainian people and we’re all trying to do our part to make the horror stop. And the’s why US companies are extricating themselves from Russia. They’re trying to apply pressure any way they can. And large law firms are trying to do the same thing.  

Laws firm who represented Russian interests in US courts, are trying to withdraw from representing those clients for the same reasons that big companies are walking away from their Russian operations. But note the key word I used there — trying. Law firms aren’t traditional businesses, and they can’t just dump their clients when the feel like it. No, lawyers have to comply with Rule 1.16 if they want to withdraw from representation, and that’s causing a real problem for firms who are trying to get out of Russia. 

Rule 1.16 explains when a lawyer can ethically withdraw from representing a client. Subsection (a) talks about the instances where a lawyer is required to withdraw, and subsection (b) sets forth those instances where a lawyer is permitted to withdraw. 

That latter section contains a variety of reasons that a law firm could rely upon to justify their withdrawal from the representation of Russian clients. Consider subsection (4). That allows a lawyer to dump a client when the client does something that, “the lawyer considers repugnant or with which the lawyer has a fundamental disagreement…” Rule 1.16(b)(4). 

But these firms can’t just look at Rule 1.16(b) and say, “ok, you’re doing something repugnant…I’m out!”  They can’t look at any part of subsection (b) and just decide they’re going to walk away. That’s because, practically, they have to get court approval to withdraw from a matter. And when the court looks at that application, the court’s going to ask whether Rule 1.16(b)(1) has been complied with. That section only allows withdrawal if it, “can be accomplished without material adverse effect on the interests of the client…” Rule 1.16(b)(1). And that’s where these firms in Russia are having a problem. 

For instance, firms that are representing Russian banks in matters pending in US courts are trying to withdraw from their cases. Not only might the firm think that representing a Russian interests is something they don’t want to do, but these banks are also now on the sanctions list, which means that doing business with them could violate the law. 

But the courts are resisting. In some instances firms have worked on matters for years and trials on those cases are imminent. Letting the law firm out so close to trial could cause great hardship on the clients. If a court in the US tells these firms that they can’t withdraw, then the ethics rules require them to listen. Rule 1.16(c) states that if a lawyer is ordered by a tribunal to continue representing a client, “a lawyer shall continue representation notwithstanding good cause for terminating the representation.” Rule 1.16(c). 

Some international firms have an added issue. If they’re required to continue to continue to represent certain clients they could be doing so in violation of the law in other countries. 

In the UK, for instance the Solicitor’s Regulation Authority reminded lawyers that, “the financial sanctions regime prevents law firms from doing business or acting for listed individuals, entities or ships…If an individual is on the sanctions list and subject to an asset freeze, firms may not deal with those funds or make resources available to that person…” They warned that “breaching the financial sanctions requirements can result in criminal prosecution or a fine.

How this will all play out is unknown. Law firms are going through it right now.  There are arguments that the firms will make to try to get out — if a client is on the sanctions list the lawyer’s continued representation could mean that their services are being use used in furtherance of a crime in violation of 1.2(d).  Or maybe a firm could argue that they’re being used by their sanctioned client to launder money in an effort to get around the sanctions, so they should be removed as counsel. But how do you do that without violating confidentiality? All I can tell you is that the firms are going to pull out all the stops to try to get the courts to let them out, and it’s a mess.


Watch your F****n mouth. The practice is turning up the heat on profanity

I am from New Jersey, and that means I swear a lot. In my home state we’ve elevated the F-word to everyday vernacular. Example: when you walk along the boardwalk down the shore (that’s what we call the beach) and you pass by a person pushing a stroller it’s common to hear someone say, “What a cute baby! How old is that friggin thing?”

And we don’t say friggin.

But recent developments in the practice have made it clear that people like me need to start watching our mouths. 

A judge in Kansas was recently suspended for having a foul mouth. The ABA Journal reported that “A Kansas judge who dropped F-bombs and refused to ‘f- – -ing apologize’ to one employee subjected to one of his outbursts has been suspended from the bench for ‘quite troubling’ behavior. [FN1] Apparently, his mouth was so bad that one of the staff started a “swear journal” that documented the obscenities. [FN2]  And the court wasn’t swayed by the idea that swearing is something that happens often in a particular locale:

According to the opinion, Cullins “claims cussing is so common in Southeast Kansas that the entire region would take offense at the suggestion that the use of the word connotes a negative reflection on an individual’s character.”

The Kansas Supreme Court countered that Cullins “misses the panel’s point”: He used the word in a loud and angry interaction with one clerk and in a humiliating exchange with the other clerk, the court said. [FN3]

Granted, the article acknowledged that the F-word wasn’t his only misbehavior. The court appears to have “cited the appearance of bias, a violation of decorum and a harm to confidence in the judiciary.” [FN4] But the swearing was a big part of the opinion, and there are a few interesting lessons for lawyers here. 

First, beware of situations where someone’s profanity is just the tip of a bigotry-laden iceberg. That’s got nothing to do with region, common practice, or anything else. Profanity in that scenario is just wrong, period.  The other two lessons, however, are for the rest of us — those people who swear…well…because…it’s just something we do.

The second lesson is about getting onto the disciplinary system’s radar. Here’s a question for you— what’s the quickest way to get a grievance filed against you? The answer: piss somebody off. Whoops, is that profane? Okay, how about if I follow my own advice and change. The answer: make someone angry. And one of the quickest ways to make them angry is to use profanity.  Profanity pushes people over the edge. Here’s what I mean. 

Consider that you might have done something that a client thinks might be worthy of a grievance. Of course, it also might not be worthy of a grievance. Maybe it was something that wasn’t actionable, but just really aggravated the client. And then let’s say that when discussing that mishap with the client you drop the F-bomb.  Now they aren’t just aggravated, they’re also offended. And that might be the additional motivation they need to report you.

I don’t want anyone to think that I am trying to dissuade individuals from filing bona fide grievances. Not at all. I’m just saying that behavior which might not be worthy of discipline could still end up being reported if that borderline bad behavior is accompanied with profanity. And, sure, you might be exonerated in the end. But who needs to be banging around in the disciplinary system for 6 months until you’re finally let off the hook?

The third, and final lesson is about behaving better. There was a day where a lawyer could swear like the proverbial sailor and get away with it. After all, we’re in an adversarial profession where things often get quite heated and profanity was long considered part of the job. But the decision about the Kansas judge and others like it show that the paradigm is shifting.  The practice of law is putting far greater emphasis on behaving in a professional manner. Yes, lawyers are always supposed to stay away from ethics violations, and in that regard the rules establish what we could do. But cases that address profanity are also telling lawyers to consider what we should do. The lesson is really about professionalism. The lesson for all of us is about making an effort to elevate our personal behavior. It’s about aspiring to better behavior, voluntarily.

So let’s all commit to reducing our bad language. After all, using profanity just makes things worse. I’m going to try to follow that advice too. Plus, if I stop swearing so much maybe my spell checker will finally know what I’m trying to ducking say.  


  1., last checked 3/5/2021.
  2., last checked 3/6/2021.
  3. last checked 3/5/2021
  4., last checked 3/5/2021

The duty to inquire about a fraud — it’s real and it’s spectacular

Burying your head in the sand could be pretty lucrative for a lawyer.  Some lawyers over the years got pretty wealthy that way.  They were the kind of lawyers who talked to a shady client and said things like, “I didn’t hear you say that,” or, “Don’t tell me anything. If you tell me I can’t continue to represent you, so I don’t want to know.” 

Lawyers who are willing to put on earmuffs like that are pretty popular with a particular kind of client. Criminals.

Well, recently the ABA issued an ethics opinion that made it clear that the days where a lawyer could ignore a client’s bad deeds are a thing of the past. While the opinion contains an interesting ethics analysis, the reason it is truly notable is because it signals a paradigm shift. The opinion makes it clear that lawyers can’t bury our heads in the sand anymore.

ABA Formal Opinion #491 (April 2020) deals with a lawyer’s obligation to avoid counseling or assisting a client in the commission of a crime or fraud. This issue appears to have gained importance recently because of an increased risk to lawyers. Governments around the world are putting more pressure on terrorist groups and other nefarious actors. That pressure has created a greater need for the bad guys to try to conceal their financing, and that increases their need for elaborate money laundering transactions.  Oftentimes those bad guys will need a lawyer to help them carry out their scheme, and that’s when the lawyer can have problems. That’s when a lawyer might be put in the position to assist that client in committing a crime. 

There is no question that lawyers can not assist in their client’s illegal activities.  Rule 1.2(d) explains that a lawyer “shall not counsel a client to engage, or assist a client, in conduct that the lawyer knows is criminal or fraudulent.”  If a lawyer knows that’s happening, they need to withdraw, at the very least.  But what if a lawyer isn’t sure? The client’s tactics might smell like money laundering — maybe they’re paying with large amount of cash or routing money through a jurisdiction where laundering is common. But in some situations there might not be much more evidence than that.  In those cases there might not be enough evidence on the surface to confirm that the client’s objectives are fraudulent.  The question the ABA is wrestling with in Opinion 491 is, does a lawyer have to dig deeper? Does a lawyer have a duty to ask the client whether the objectives that smell bad are actually bad? The answer is yes. 

In explaining their reasoning, the opinion starts with the easy stuff. If the lawyer “knows” that they are getting involved in a client fraud — if the facts are so strong that the fraud is obvious — a lawyer has an obligation to talk to the client about it. That’s clear from Rule 1.2(d), and it’s been confirmed over the years. Both the rules and advisory opinions have established that lawyers aren’t allowed to avoid the obvious. 

But the opinion went further. It explained that a lawyer has to make inquiry even if the facts aren’t so strong that the fraud is obvious. A lawyer is required to check into the matter if there’s a “high probability” that the client is engaging in fraudulent conduct. The opinion explained that, “When a lawyer deliberately or consciously avoids knowledge that a client is or may be using the lawyer’s services to further a crime or fraud, discipline is imposed.” Op. 491 at 5, citation omitted. 

And the opinion didn’t stop there. Yes, a lawyer needs to inquire if she knows the client is pursuing a fraud. Yes, a lawyer also needs to inquire if there is a high probability that the client is pursuing a fraud. Well, the opinion further noted that some cases held that a lawyer should make an inquiry if there is a suspicion that the client’s actions might be fraudulent. And some jurisdictions have an even broader requirement. States like South Carolina require a lawyer to consult with a client if they “reasonably should know” that the client is getting the lawyer to assist in a crime or fraud. Op. 491 at 5.

All of that begs the question — when is a lawyer deemed to have a “suspicion” sufficient to require further inquiry? When can it be said that a lawyer “should have known”? The answer, as usual, is that it depends on the circumstances.  Unfortunately the drafters don’t give us a clear explanation of when this duty to investigate is triggered. It seems like they’re saying, “if it smells bad, ask.” But while the trigger might be murky, there is one thing that’s clear. The lawyer’s obligation to inquire about whether a client is asking the lawyer to assist in a fraud exists.  And Opinion 491 states clearly that a lawyer would be facing disciplinary action if an inquiry is required and they don’t do it.

Interestingly, I don’t think the unanswered questions here are so concerning. That’s because I don’t think this opinion is really about defining when a lawyer must make this inquiry. I think this opinion is really about sending a message. 

Think about it— the actual ethics issue is pretty basic and not all that controversial. A lawyer can’t assist in a client’s fraud, they should talk to the client about whether they are engaging in a fraud, and if they learn the client is doing so the lawyer should withdraw. Not exactly earth shattering.  But consider the “feel” of the opinion. 

The opinion spends a tremendous amount of time establishing the ethical justifications for requiring the lawyer inquiry.  They explain the nuances of Rule 1.2, they talk about criminal law, and they note a variety of other rules which can be read to require that a lawyer inquire further. That effort — which goes on for several pages — is extensive. They put a lot of effort into a pretty basic concept. It’s almost like the drafters are making their case. It seems as if they know that the audience will be skeptical. They know that lawyers will question whether this duty is real. Maybe the drafters realized that they would face resistance, so they felt the need to go to great lengths to make it abundantly clear that the duty to inquire exists. They nearly overdo it with the justifications. It’s as if they are saying, “let there be no mistake about it. This duty exists. It’s real.” 

Why would they need such overkill? Maybe it’s because they are signaling a paradigm shift. The drafters seem to be saying that the game-playing days are over.  The days where you could bury your head in the sand and remain willfully ignorant are a thing of the past.  

Maybe they spent so much time talking about the duty to inquire because that’s the only way they can make it obvious that they want us to behave differently — they want us to shed the old ways. They’re saying, times have changed and we really mean it. Look. We put a lot of ink on the paper. That shows we’re serious. We gave you all of this research because we want to send a clear message. The old days are over. Get with the program. In today’s practice they expect more from you.

There are other opinions which confirm this shifting paradigm and they’ve got to do with enhanced obligations being put on lawyers because of international money laundering. But let’s talk about that on another day…

If you “like” it, you own it

The short story: If you “like” a statement on social media you could be deemed to have made that statement. At least that’s what Indiana says. Here are the details…

It’s obvious that lawyers have to answer for the statements we make on social media. If you lie you could run afoul of a variety of rules: a misrepresentation in your marketing might be a violation of the advertising rules, if you lie in connection with your representation you might violate Rule 4.1, stuff like that.  It also isn’t much of a surprise to say that a lawyer is going to be ethically responsible for statements that they recirculate. If you retweet a statement that you know is false, you are going to be considered to have made that statement and you’re going to have to deal with an ethics grievance if the statement violates the rules. You own the information you send out to the internet.

But I just read an extension of that concept that surprised me. A state is trying to affix ethical liability on a lawyer for statements they merely “like.”

The Indiana Supreme Court Disciplinary Commission issued Opinion #1-20 in July of 2020 entitled “Third Party Comments or Tags on a Lawyer’s Social Media.” In that opinion they stated:

An attorney who responds to or “likes” a third party’s comment that contains prohibited content could be deemed to have adopted the third-party comment. Such action could subject the attorney to a rule violation. The failure by the attorney to delete prohibited content could be considered acquiescence and expose the lawyer to discipline.

A lawyer should also be careful to adjust privacy settings to avoid being “tagged” to improper content which could show up on the lawyer’s page and thereby be deemed adopted by the lawyer.

This is an expansion of existing concepts. In the past, we owned whatever we shared. Now, we could own whatever we like. Let’s see how this might exist in the practice.

If someone makes a claim about your services that violates the rule and you like it, you would be deemed to have made that statement.  Example: A prior client tweets, “Stuart Teicher got me out of a DUI and I’m sure he can do it for you too.” That probably violates the rules because it could “lead a reasonable person to form an unjustified expectation that the same results could be obtained for other clients in similar matters without reference to the specific factual and legal circumstances of each client’s case.” Rule 7.1, Comment [3]. If you “like” that statement you are going to be deemed to have allowed it and you are going to get into trouble.

Same issue with tags. Example: A lawyer, who has been practicing for 6 months, has a client who writes this post on the client’s Facebook page and tags the lawyer: “Jane Smith has been at the law game for a decade. She’s awesome.” That’s not true and, depending on whether it also ends up showing up on your social media page, you might be deemed to have adopted the statement.

Of course, whether something is problematic ultimately depends in the circumstances. But you can see the expansion of the idea here. When social media started it was clear that if you said something you owned that statement. Then there came the day when you owned other people’s statements that you recirculated. Well, today you could own other people’s statements that you “like,” or that “tag” you. 

Special Corona Virus Threat Assessment for Contract Drafting

If you check out the boilerplate language in your contract form, you’ll likely find a paragraph commonly known as the “force majeure” clause.  That’s the clause that addresses occurrences that are considered to be beyond the parties’ control like acts of war, natural disasters, or strikes.  It’s one of those sections that we include in the document, but often don’t focus on because…well, let’s face it…what are the chances of a revolution?

The last time I recall anyone giving serious thought to the content of these clauses was after 9/11. When the Twin Towers were struck, the legal world started focusing on those force majeure clauses because a lot of the standard language didn’t have a direct reference to disruptions caused by terrorism. But after 9/11 anyone who wasn’t already referencing terrorism in their force majeure clauses made sure to add it. Well, the corona virus is giving us a reason to focus on this paragraph again. And, obviously, instead of tweaking these paragraphs to account for terrorism we now need to account for epidemics and disease.

These changes are necessary because the ability of a client to perform pursuant to an agreement could be impacted or precluded because of some complication stemming from the corona virus.  What if they are ordered to be quarantined, or their office is closed because of disease?  They could be unable to travel, or travel to a particular area could be suspended. There are a variety of ways that your client could be prevented from performing, and if they don’t have a legal “out” they could be in trouble.  

Your client might not be completely exposed right now— while your existing clause might not reference disease specifically, you likely do have some catch-all provision like “other unforeseen circumstances.” That might be enough to hang your hat on and the language could protect the client if the matter is litigated.  But that’s a bit uncertain, and you know how fickle judges and juries could be. Certainty is often the wiser approach, so it’s probably a good idea to add more specific language to your agreements now.

Of course, even if you make this change to your form it’s not going to have any effect on existing contracts that have already been executed by the client and are currently in effect. But you can include the change in everything you draft going forward. 

Not only is this a “best practice” move, but it’s also an ethical consideration. This is about competence. Our duty of competence under Rule 1.1 is a continuing duty and Comment [8] explains that “to maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice…” This is a change in the law that you need to consider. 

The lawyer’s emerging duty not to share

As technology morphs, the lawyer’s obligation to protect client data becomes more difficult. With each new advancement there become new ways that client information could be revealed, and our duty to take reasonable steps to protect that data changes.  It gets tougher and tougher to figure out what actually constitutes “reasonable steps” to protect the data as required by Rule 1.6(c).  Today I believe that the question of whether a lawyer is taking “reasonable steps” to protect client data is being redefined once again.  I believe that there is an evolving duty not to share information.

I’m not talking about the stupid kind of sharing like posting a comment on social media about a client matter. I’m talking about lawyers’ less obvious way sharing of information, and there are two ways that concern me in particular: sharing access to contacts and sharing access to our location.  

Here’s how those two concerns appear in the practice. Some platforms we use ask us if we want to import our contacts, or provide that site “access” to our contact list. It’s most likely done because it allows the software we’re using to make communication more efficient.  Or consider other instances where you share your location— not by checking in somewhere on Facebook— maybe it’s a fitness apps that runs constantly in the background and tracks your location. Other times, the app is not so obvious. In fact, most of us probably don’t even realize that certain apps are sharing our location.  When I started looking into this issue I learned that I was allowing the app that updates the firmware on my headphones to track my location.  I also inadvertently gave location-tracking permission to the app that helps me organize my reimbursable expenses.  I even remember reading somewhere that crossword puzzle apps sometimes track your location.  

My concern is that these sources of information can be put together by the bad guys to find out lots of stuff about our practices and our clients. That’s why I see contact lists and location information as puzzle pieces.  We are revealing bits and pieces of our practice that, when put together, could end up revealing client relationships, the status of client matters, etc. 

A bad guy with access to this information could learn a slew of things: when you were at your adversary’s office? How often did you go to your adversary’s office? Does that mean a deal is imminent? Did you accompany your client to a meeting with a bankruptcy attorney, or a white collar criminal lawyer? What if bad guys want to target a particular corporation, and they have focused on a particular corporate officer. They realize you’re the lawyer, so they hunt through your contact lists to see if you’re connected with that individual. You became the hard target…and you gave them another step toward the client.  Now maybe the bad guys can find your client’s mobile number and track the client.  Or maybe they learn a personal email address which allows them to send phishing emails, malware, or ransomeware to the client. Plus, there’s other information people can get from our contact list — what if the contact-sharing that you authorized also imports the notes that you keep in your contact’s entry? There could be information covered by the attorney-client privilege in those notes.

It’s true that we can’t say how this danger will actually manifest itself. We can’t say, “this is the specific app watch out for” or “stop using this particular platform.” We don’t know how or when the bad guys will put the puzzle together.  But here’s something that we do know for sure— they are trying. That is a given. But, despite accepting that undeniable fact, we continue to voluntarily provide the puzzle pieces and that doesn’t seem to be reasonable.

Think about it — if we know that they are constantly and consistently trying put these pieces together, is it reasonable to think Hey these bad guys are scouring the internet trying to put these puzzle pieces together…so I need to keep giving them those pieces. No. It’s not. Our duty is to stop helping the bad guys.  Lawyers need to reconsider whether we should continue sharing this type of data.

My concern gained a bit more credibility after I read an article in the Wall Street Journal recently (Note, that we live in a politically charged environment and I am not giving you this quote because the Trump Administration was involved, nor because it’s about immigration issues. This is about a tech concern.) According to the Wall Street Journal, 

“The Trump administration has bought access to a commercial database that maps the movements of millions of cellphones in America and is using it for immigration and border enforcement…The location data is drawn from ordinary cellphone apps, including those for games, weather and e-commerce, for which the user has granted permission to log the phone’s location. The Department of Homeland Security has used the information to detect undocumented immigrants and others who may be entering the U.S. unlawfully, according to these people and documents.”

See what I mean? It’s not about the fact that the Trump Administration bought access to this commercial database. It’s about the fact that the commercial database exists at all and that anyone can purchase access to such a database. It’s a problem for lawyers because it means that people are collecting data that could reveal information about our practice and our client matters. Oh, and the kicker is that that information is being delivered by us— we are sharing it voluntarily and gifting it to the company that’s collecting it for their database. 

Maybe, today, part of taking “reasonable measures” to protect client confidential information includes putting up a barrier….making it more difficult for people to gather our information…making it tougher for them to put the pieces together.  Given what we know about the relentless efforts that people are making to gather and use that information, maybe we have a duty to take appropriate evasive tactics.  

I think good analogy is “proper password selection.” We would all agree, I’m sure, that it’s not reasonable to have a password that is your birthday, or something common like the word, “Password.”  Everyone would agree that it is not reasonable to use easily discoverable passwords, and that doing so is not taking “reasonable steps” to protect client information.  But it wasn’t always like that. There was a time when no one considered the need for uncommon passwords. That was, of course, until people started getting hacked because of their weak passwords. Once the infiltration started, the standard changed. Today it’s simply expected the lawyers will have proper passwords. And that’s where we are headed with the duty not to share. 

Up to today every lawyer has shared their contacts and location and we’ve never batted an eye. But times are changing. The danger of doing so is becoming apparent and it might be time that we stop giving away the puzzle pieces. That’s why I think we are witnessing the evolution of a lawyer’s duty not to share.

Chatbots: the legal marketing device that could get you into trouble

Chatbots are now being used in legal marketing to help lawyers find valuable clients. The technology is basically a computer program that is powered by artificial intelligence that simulates conversation with people.  Potential clients who visit a firm’s site can type questions and comments into a chatbox and, when doing so, they think they are speaking with a real person.  The bot collects contact info as well as other details about the potential client’s case, asks questions to the potential client, analyzes the data, and gives that information to the lawyer.  The chatbot companies say that their AI sifts out the tire kickers and identifies valuable prospects for the firm, thereby improving conversion rates. 

The chatbots are provided by tech vendors. A lawyer contracts with a vendor that offers the chatbot software, the vendor provides a bit of code that is inserted into the lawyer’s website, and a chat box becomes a part of the lawyer’s site. Someone coming to the website wouldn’t know that another vendor is involved at all— it simply looks like a chat box that is part of the lawyer’s website. 

Using a chatbot isn’t necessarily off limits. What you need to be concerned about is the nature of the exchange between the bot and the potential client.  It’s a problem, for instance, if a chat bot engages in conversation with a potential client and actually dispenses legal advice. But chatbots aren’t likely to be programmed to give advice. They are, however, programmed to engage in conversation. They talk to the potential client to learn about their case so they can weed out the garbage contacts from the good prospects. But it’s that conversation that could create problems.

During the conversation between the bot and the prospect, the prospect will be providing information about their case. What we need to worry about is the potential that people who visit the lawyer’s site and engage in a conversation with the chatbot end up being considered “prospective clients” under Rule 1.18. If they do attain that status, the lawyer could have conflict problems. To see what I mean, first understand how the rule works.

How Rule 1.18 Works

Rule 1.18 says that if a person “consults with a lawyer about the possibility of forming a client-lawyer relationship” they could be a prospective client. All they need to do is consult about the possibility of forming the lawyer client relationship.  But why should a lawyer care if someone is technically considered a “prospective client?” 

First, you can’t tell anyone about the information that the prospective client gave you.  Rule 1.18(b) explains that “Even when no client-lawyer relationship ensues, a lawyer who has learned information from a prospective client shall not use or reveal that information…” Second, you might be conflicted out of representing someone else in the future. Even if you don’t take the prospective client and you never work on their matter, subsection (c) says that if you received information from the prospective client that could be significantly harmful to that person, and some time in the future a different person approaches you to represent that different person against the prospective client in the same matter, you might not be permitted to do so. You would be conflicted out of the representation. 

That could be devastating. Think about it— if you have a consultation with someone about a lucrative matter and you decide not to take their case…but later you are approached by someone who wants you to represent them in that very case, you can’t take that other client. You could be forced to forego a lot of money in fees.

The problem with chatbots

When it comes to Rule 1.18, what’s important is the trigger for becoming a prospective client. As you saw in the rule above, that trigger is a consultation.  The key question, of course, is, when does an interaction rise to the level of a consultation?  The answer is that it depends on the circumstances. But the key circumstances to focus on are your website text and the content of the chatbot’s communications.

If your website just lists your contact information you’re going to be okay.  If you simply put your information out there and someone sends you information about a case, that’s not going create a prospective client relationship.  Comment [2] confirms that: “…a consultation does not occur if a person provides information to a lawyer in response to advertising that merely describes the lawyer’s education, experience, areas of practice, and contact information, or provides legal information of general interest.” Basically, that comment is saying that if you simply tell someone that you exist and that you are qualified, it’s not a “consultation.”  If someone replies in that situation, the person “communicates information unilaterally to a lawyer, without any reasonable expectation that the lawyer is willing to discuss the possibility of forming a client-lawyer relationship.” That person, therefore, is not a prospective client.

However, you’re  going to have a problem if your website encourages people to offer information and your chatbot follows up by engaging with that person. The comment explains that “…a consultation is likely to have occurred if a lawyer…through the lawyer’s advertising in any medium, specifically requests or invites the submission of information about a potential representation without clear and reasonably understandable warnings and cautionary statements that limit the lawyer’s obligations, and a person provides information in response.”

If your site specifically requests or invites a person to submit information about a potential representation, and your chat bot provides information in response, then you are risking the creation of a prospective client relationship. Obviously, the ethical danger is dependent upon the responsiveness of the chatbot because the rule says that you have to “provide information in response.”  Well, the more lengthy, intense, and detailed the chatbot’s responses, the more likely there will be a problem.  

Oh, and don’t get hung up on the fact that your chatbot is not a “person” under the rules. If the bot provides information I think a tribunal will see the software as an extension of the lawyer.  Plus, if the AI software is doing its job correctly, the potential client should believe that they are actually communicating with a real person. For those reasons I wouldn’t be surprised if a tribunal concluded that the AI in the chatbot is the functional equivalent of a “person” for the purposes of the rule. 

Of course, there is a huge get-out-of-trouble card. All you have to do is include the disclaimers set forth in the rule.  If your site has “clear and reasonably understandable warnings and cautionary statements that limit the lawyer’s obligations” as stated in Comment [2], you’re probably ok. This, however, is a situation where you can win the ethical battle, but lose the overall war. Here’s what I mean: what if this issue isn’t raised in the context of an ethics grievance? What if it is, instead, raised in a disqualification motion? Consider this hypothetical…

Win the ethical battle, but lost the disqualification war

Let’s say you’re in a medium sized firm that handles a variety of different types of matters. Your firm represents Business X and you’ve been their counsel on nearly all of their legal matters for years. Your firm has a website that utilizes a chatbot to evaluate the strength of new, potential clients. You have language on the website that properly disclaims Rule 1.18. Someone visits your site and explains that they have a workplace discrimination claim. They provide details of the case to the chatbot. The bot inquiries further and the prospect provides more information, in fact, the client wants to make sure that the lawyer with whom they are chatting has a complete understanding of the case so they provide a lot of details.

The chatbot sends the info to the attorney at the firm responsible for reviewing prospect data, and that lawyer thinks that the prospect has a great case.  After reviewing the information, t he attorney contacts the prospect and learns that the adverse party is Business X. However, the lawyer figures that the firm will probably be representing Business X in that matter because the firm does all of their work. As a result the firm doesn’t take the potential client.

The prospect finds another lawyer, and they file suit against Business X. As the lawyer anticipated, your firm is representing Business X. The prospect’s lawyer files a motion to disqualify you as counsel and you oppose it.  You claim that there is no violation of the rule—  the prospect never became a “prospective client” under Rule 1.18 because you had the  proper disclaimer. And you’re probably right. But there is a good chance that a judge will disqualify you anyway.

That’s because the judge isn’t deciding whether discipline should be imposed — the judge is deciding whether you should be disqualified. They don’t necessarily care about the technicalities of the rules, they care about two things — the two things that are at the core of every conflict— loyalty and confidential information.  

The critical question that the judge will ask was, during the interaction the firm had with the prospect, did you learn confidential information from the other party? And when the judge realizes that your chatbot gathered information that would ordinarily be considered confidential information and it was passed on to the lawyer in your firm for review, they’re going to say you have a conflict and kick you out of the case.  You’re not going to be saved by the disclaimers because those disclaimers only helped you avoid discipline under Rule 1.18. In the disqualification context the court cares about loyalty and confidential information. And when it finds out that you were privy to a slew of details from the potential client’s case, they will disqualify you.

How to make chatbots safer

This doesn’t mean that chatbots are forbidden, they just need to be used carefully. What can you do to make the chatbot safer? Here are 4 ideas:

  1. Use disclaimers that comply with the rules.
  2. Make sure the bot is just gathering information and not giving any information. And if it does give information, make sure it’s super limited. Keep Comment [4] to Rule 1.18 in mind which states, “In order to avoid acquiring disqualifying information from a prospective client, a lawyer considering whether or not to undertake a new matter should limit the initial consultation to only such information as reasonably appears necessary for that purpose.”
  3. Go over Rule 1.18 with the vendor supplying your chatbot. Make sure they understand it. Also explain the disqualification issue. Remember, most tech vendors have no idea about the details rules like 1.18.
  4. Train the staff/lawyers in your office who are responsible for following up on the leads developed by the bot. Let them know about Rule 1.18 and the issue of disqualification. 
  5. Create a process that limits the exposure of the lawyers who review the information provided by the chatbots. It is possible to screen those attorneys per 1.18(d)(2). Here’s what that section states, in part:
    • (d) When the lawyer has received disqualifying information…representation is permissible if…(2) the lawyer who received the information took reasonable measures to avoid exposure to more disqualifying information than was reasonably necessary to determine whether to represent the prospective client; and (i) the disqualified lawyer is timely screened from any participation in the matter and is apportioned no part of the fee therefrom; and (ii) written notice is promptly given to the prospective client.

The Duty to Update our Software

The ethics rules make it clear that lawyers have a continuing duty to understand the dangers associated with technology and that we need to take reasonable steps to avoid disclosing our client’s information.  Comment [8] to Rule 1.1 reminds us that, “To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology…”; Rule 1.6(c) states that lawyers are required to “make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to” our client information, and; Rule 1.3 requires that we act with reasonable diligence in representing a client.  Together those rules make it clear that lawyers need to constantly stay on top of changes in technology and take reasonable steps to protect client data. And that principle has ushered in a new responsibility —the duty to update our software.

The company that sells Norton anti-virus software explained recently that software updates are critical because they patch security flaws:

“Hackers love security flaws, also known as software vulnerabilities. A software vulnerability is a security hole or weakness found in a software program or operating system. Hackers can take advantage of the weakness by writing code to target the vulnerability. The code is packaged into malware — short for malicious software.

An exploit sometimes can infect your computer with no action on your part other than viewing a rogue website, opening a compromised message, or playing infected media.

What happens next? The malware can steal data saved on your device or allow the attacker to gain control over your computer and encrypt your files. Software updates often include software patches. They cover the security holes to keep hackers out.”

It should be pretty clear how this ties into a lawyer’s ethical duty.   If we have a continuing duty to understand the dangers in technology and we need to take reasonable steps to avoid disclosing client information, then we must take steps that ensure that the computer systems and software programs we use remain secure. Our duties of competence, confidentiality, and diligence require us to promptly install updates that are designed to repair vulnerabilities in the software we use in the practice. 

It’s this type of proactive effort that is so important to avoiding grievances in today’s dangerous technological age. Listen, chances are good that you’re going to get hacked. Chances are good that we are all going to get hacked.  The bad guys and gals are simply trying too hard — the odds are against us.  Many lawyers therefore wonder, If I’m going to get hacked, doesn’t that mean that I will get into ethical trouble? Not necessarily. You can save your ethical hide if you are proactive in taking steps to avoid the hack.

The disciplinary authorities aren’t likely to make a decision about someone’s ethical liability based solely on the consequences. They are likely to make a decision based on your actions. Remember that when it comes to attorney ethics, it’s all about your behavior. It’s all about whether you behaved reasonably. It’s all about whether you took reasonable steps to avoid the calamity. You will likely be judged not on whether you were hacked, rather whether you took reasonable steps to avoid that hack.  If you took every reasonable step possible to protect your client data and avoid the disclosure, then it’s likely that you won’t be disciplined even if something terrible happens. 

If you know the bad guys are trying to exploit vulnerabilities in our systems, and you know that software updates are specifically designed to fix those vulnerabilities, then it’s not reasonable to ignore those updates. It’s not reasonable to wait months before you install them. The reasonable effort is to diligently install those updates when they are released. Your duty to protect your client data means that you need to maintain the integrity of your computer systems, and that includes installing security updates promptly.

On the other hand, you might need to do the exact opposite when it comes to massive program upgrades

The duty to update that I discussed above applies to periodic updates that software manufacturers release to existing systems.  But every once in a while those same programmers completely overhaul a system and release a major update that ushers in a new generation of their software. In those instances it’s probably reasonable for a lawyer to wait and delay installing that update. Though that seems to contradict everything I discussed above, the  rationale is actually quite consistent.

New generations of software very often contain vulnerabilities that were not anticipated by the original programmers.  Often hackers exploit those bugs right after the new software is released, thus exposing the problems. The manufacturers then rush to develop and issue updates that close the holes in their code.  In those situations, then, prudent approach is probably for lawyers to delay installing updates that constitute massive overhauls or new generations of a software system. Wait until the bugs appear to be worked out, then update to the new generation of software.

Norton article can be found at:, last checked by the author on March 26, 2019.