Category Archives: Attorney Ethics- Hot Topics

Special Corona Virus Threat Assessment for Contract Drafting

If you check out the boilerplate language in your contract form, you’ll likely find a paragraph commonly known as the “force majeure” clause.  That’s the clause that addresses occurrences that are considered to be beyond the parties’ control like acts of war, natural disasters, or strikes.  It’s one of those sections that we include in the document, but often don’t focus on because…well, let’s face it…what are the chances of a revolution?

The last time I recall anyone giving serious thought to the content of these clauses was after 9/11. When the Twin Towers were struck, the legal world started focusing on those force majeure clauses because a lot of the standard language didn’t have a direct reference to disruptions caused by terrorism. But after 9/11 anyone who wasn’t already referencing terrorism in their force majeure clauses made sure to add it. Well, the corona virus is giving us a reason to focus on this paragraph again. And, obviously, instead of tweaking these paragraphs to account for terrorism we now need to account for epidemics and disease.

These changes are necessary because the ability of a client to perform pursuant to an agreement could be impacted or precluded because of some complication stemming from the corona virus.  What if they are ordered to be quarantined, or their office is closed because of disease?  They could be unable to travel, or travel to a particular area could be suspended. There are a variety of ways that your client could be prevented from performing, and if they don’t have a legal “out” they could be in trouble.  

Your client might not be completely exposed right now— while your existing clause might not reference disease specifically, you likely do have some catch-all provision like “other unforeseen circumstances.” That might be enough to hang your hat on and the language could protect the client if the matter is litigated.  But that’s a bit uncertain, and you know how fickle judges and juries could be. Certainty is often the wiser approach, so it’s probably a good idea to add more specific language to your agreements now.

Of course, even if you make this change to your form it’s not going to have any effect on existing contracts that have already been executed by the client and are currently in effect. But you can include the change in everything you draft going forward. 

Not only is this a “best practice” move, but it’s also an ethical consideration. This is about competence. Our duty of competence under Rule 1.1 is a continuing duty and Comment [8] explains that “to maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice…” This is a change in the law that you need to consider. 

Share

Advance Conflict Waivers are on Life Support

A recent case about advance conflict waivers reveals that they are probably no longer viable, and here’s why. The issue revolves around the lawyer’s need to get informed consent.

The only way a lawyer can get around a conflict of interest is if (in addition to some other things) they get informed consent from the client. That phrase “informed consent” has a lot of depth and it is discussed in several places throughout the code. Much attention is given to the quality of the conversation between lawyer and client.  A lawyer needs to discuss a bunch of specific items in order to be said to have obtained proper informed consent. Rule 1.0 requires that the lawyer communicate “adequate information,” provide an “explanation about the material risks” and talk about the “reasonably available alternatives to the proposed course of conduct.” Rule 1.7 requires that the communication include: a disclosure of the facts and circumstances giving rise to the situation, any explanation reasonably necessary to inform the client or other person of the material advantages and disadvantages of the proposed course of conduct, and a discussion of the client’s or other person’s options and alternatives.  

So where do advance conflict waivers come into play?  A law firm always has to get informed consent from the client in order to take a conflicting matter. The only question is whether the firm gets that informed consent during a contemporaneous consultation with the client once the conflict becomes apparent, or by advising the client of potential conflicts before they become apparent and obtaining that informed consent before the conflict even arises. That latter situation is essentially what an advance conflicts waiver is all about.  You’re getting your client’s informed consent in advance. But you can probably sense the problem with that. 

The inherent problem with blanket advance conflict waivers is that when you are negotiating the waiver, the future client is not yet known…which means that the exact risks that your client could face from the future conflicting representation are not yet known…which means that you can’t build those risks into the conversation you need to have with the client…which means that you can’t get proper informed consent because you can’t talk about all of the required details set forth in the rules.  So it seems that there is just no way to have an advance conversation that contains the requisite specificity needed to obtain proper informed consent.

This issue came to a head in 2018 in a critical case out of California.

The law firm Sheppard Mullin was asked to represent a client (J-M) who was defending a large False Claims Act suit. FN1 There were 200 plaintiffs suing J-M in that matter.  The problem was that one of those 200 plaintiffs was the City of South Tahoe, an entity that a Sheppard Mullin partner represented on and off for years. The firm had an advance conflict waiver in place with South Tahoe. 

The firm took on the J-M case, despite the fact that it was already representing South Tahoe. The firm included a conflict waiver in the J-M fee agreement, but they did not disclose that they were representing South Tahoe in an unrelated matter. FN2 When South Tahoe found out about the conflict, they moved to disqualify the firm. FN3

It appears that the firm never notified either client about the conflict because the firm thought they were covered already. The new matter wasn’t related to the False Claims Act matter, and the firm also had an advance conflict waiver in place with both clients.  According to a report, “Sheppard Mullin pointed to a provision in the engagement agreement that allowed the firm to engage in conflicting representations ‘provided the other matter is not substantially related to our representation of [J-M] and in the course of representing [J-M] we have not obtained confidential information of [J-M] material to representation of the other client.’” FN4 Regardless, the lower court invalidated the advance conflict waiver and disqualified the firm. The firm later sued J-M to collect the fees that were outstanding, but the client resisted and the court ultimately ruled in the client’s favor. 

The court held that since Sheppard Mullin engaged in an impermissible conflict, their fee agreement was unenforceable because it was contrary to public policy. As a result, the firm couldn’t get the balance of their fee. The court further ordered that the firm had to return the portion of the fee that was paid by J-M as of the date that the impermissible conflict started. The court “made clear that when the conflict surfaced, Sheppard Mullin had a duty to tell the client and obtain its informed consent rather than relying on a broad advance waiver in its engagement agreement.”  FN5 Finally, “The court rejected the firm’s reliance on that provision—or “boilerplate waiver,”…saying the firm’s argument ignored the reality that Rule 3-310(c)(3) requires truly informed consent from the client. ‘Written consent to all potential and actual conflicts in the absence of any knowledge about the existence of such conflicts cannot comply with the requirement of ‘informed written consent’ in Rule 3-310(C),’ the court said.” FN6

At the end of August in 2018, the California Supreme court upheld the lower court.  While the case was remanded for an issue that doesn’t concern us here, they stated:

…“because Sheppard Mullin knew of” its conflicting interest with South Tahoe and failed to inform J-M about it, J-M’s advanced blanket conflict waiver was not supported by consent that was “informed” within the meaning of the Rules of Professional Conduct.  Furthermore, since the consent was not informed, the entirety of the engagement agreement with J-M was unenforceable.

For a conflict waiver to be “informed,” the Court reasoned, “the client’s consent to dual representation must be based on disclosure of all material facts the attorney knows and can reveal.”  The Court stated that “An attorney or law firm that knowingly withholds material information about a conflict has not earned the confidences and trust the rule is designed to protect.”

Applying this standard, the Court noted that the Sheppard Mullin advanced waiver to J-M “did not disclose any particular conflict, or even any area of potential conflict, and did not mention” the Firm’s concurrent representation of South Tahoe.  Accordingly, the Firm’s advanced waiver was insufficient to inform J-M’s consent to the representation where, as here, the Firm was aware of a more specific and concrete conflict that already existed when the engagement agreement was executed.  The representation of South Tahoe “was not merely a future possibility; it was a present reality.”  Informed by this legal standard, the Court had no trouble concluding “the conflicts waiver here was inadequate.” FN7

Now, it’s true that the court said they were not invalidating all advance conflict waivers in this decision.  Defenders of advance conflict waivers will further argue that the Supreme Court’s decision is tailored. They will argue that the decision only relates to that category of conflicts where the conflict is known to the parties when they enter into the representation.  But I would not feel very comfortable relying on that narrow interpretation of the decision. 

I think the reason the court didn’t invalidate advance conflict waivers in general is because they didn’t have to go that far, given the facts of the case. They took the typical appellate court approach— limit the opinion to the facts before you.   I believe that the court narrowed their decision because of appellate court protocol, not because of the substance.  In fact, if one looks at the substance, one can see that advance blanket conflict waivers are very much on life support.  

This case is about a client feeling that they didn’t have adequate information about a conflict and that their advance waiver should be ineffective because of that lack of information.  This case is about a client who lacked enough information to provide adequate informed consent.  It is not going to be very difficult for a client in the future to extend the underlying logic in this decision from a case where the conflict is known at the time the representation commenced, to a case where a conflict is not known at the time the representation commenced.  That’s because the heart of the decision is about informed consent. 

Of course, one might think: But we’ve already had blanket waivers. They’ve been around forever. Why are they under attack now? 

The answer is money.

I’m guessing that past cases where a client disputed the efficacy of an advance conflict waiver were settled.  The lawyer and the client simply negotiated a settlement and they moved on with their lives. But this was very likely the first case where the fee was so high and the consequences of losing the case were so costly to both parties that there was no way for the parties to settle.

Here’s the takeaway: One day there is going to be a client who wants a lawyer out of a case really badly (and they’ll want to avoid paying the large legal fee, too). They are going to try to achieve their goal by arguing that the fee agreement with the lawyer should be void because of the firm’s failure to obtain genuine informed consent before entering into a blanket advance conflict waiver.  They will argue that a blanket advance waiver can not, by definition, confer the informed consent required in the rules. Mark my words— they will win. 

———————————————————————————


FN1 Unless otherwise cited, the synopsis of the case throughout this section is summarized from the article found at https://www.bna.com/advance-conflict-waiver-n57982067178/, last checked by the author on March 8. 2019. 

FN2 https://biglawbusiness.com/sheppard-mullin-conflict-waiver-case-puts-4m-fee-at-stake, last checked nether author on March 8, 2019. 

FN3 https://www.ipethicslaw.com/leaving-south-tahoe-will-your-advance-conflict-waiver-survive-sheppard-mullin-v-j-m-manufacturing/, last checked by the author on March 8, 2019. 

FN4 https://www.bna.com/advance-conflict-waiver-n57982067178/, last checked by the author on March 8, 2019. 

FN5 https://www.bna.com/advance-conflict-waiver-n57982067178/, last checked by the author on March 8, 2019. 

FN6 https://www.bna.com/advance-conflict-waiver-n57982067178/, last checked by the author on March 8, 2019. 

FN7 https://www.ipethicslaw.com/leaving-south-tahoe-will-your-advance-conflict-waiver-survive-sheppard-mullin-v-j-m-manufacturing/, last checked by the author on March 8, 2019.

Share

Links to my on-demand programs in (almost) 50 states

My on-demand programs are approved in almost all 50 states (and some territories). Below are the links I’ve got together so far.

Alabama

Alaska

Arizona

California

Colorado

Connecticut

Delaware

Florida

Georgia

Guam

Hawaii

Idaho

Illinois

Indiana

Iowa

Maine

Missouri

Montana

Nevada

New Hampshire

New Jersey

New Mexico

New York

North Carolina

North Dakota

Oklahoma

Oregon

Pennsylvania

Puerto Rico

Rhode Island

South Carolina

Tennessee

Texas

United States Virgin Islands

Utah

UK-BSB

UK-SRA

Vermont

West Virginia

Share

Lawyers Need to Stop Using Gmail Immediately

Lawyers need to stop using gmail for their practice right now.  An article in the Wall Street Journal made it very clear that lawyers who use the system are doing so at their ethical peril.

(Watch the video, or continue reading below)

To understand why I feel this way you need a slight history lesson. Go back to the 90s when email first became popular.  For those of use who are old enough to recall, lawyers couldn’t use email in their practice because it was unencrypted. Our duty to safeguard client confidences per Rules 1.1 and 1.6 prohibited us from using the tool.  The ABA and state bars across the country deemed that unencrypted email was too insecure and that lawyers who used it weren’t taking the necessary steps to fulfill their duty of protecting clients’ confidential information.  So what changed? Today email is generally still unencrypted, but lawyers use it every day (yes, there have been recent opinions which question whether we should continue to use unencrypted email, but it is permitted in a variety of instances). Here’s the change— Congress criminalized the interception of email.  

Once Congress made the interception of email a crime, the powers that be agreed that lawyers had a reasonable expectation of privacy in using the medium. The key phrase is a “reasonable expectation of privacy.”  The ABA issued a formal opinion in 1999 confirming that idea:

“The Committee believes that e-mail communications, including those sent unencrypted over the Internet, pose no greater risk of interception or disclosure than other modes of communication commonly relied upon as having a reasonable expectation of privacy. The level of legal protection accorded e-mail transmissions, like that accorded other modes of electronic communication, also supports the reasonableness of an expectation of privacy for unencrypted e-mail transmissions. The risk of unauthorized interception and disclosure exists in every medium of communication, including e-mail. It is not, however, reasonable to require that a mode of communicating information must be avoided simply because interception is technologically possible, especially when unauthorized interception or dissemination of the information is a violation of law. The Committee concludes, based upon current technology and law as we are informed of it, that a lawyer sending confidential client information by unencrypted e-mail does not violate Model Rule 1.6(a) in choosing that mode to communicate. This is principally because there is a reasonable expectation of privacy in its use.”

So what about the Gmail connection? Well, that standard — the reasonable expectation of privacy — was a key consideration for the New York State Bar Association when it opined about the permissibility of free email services like Gmail.  In its Opinion 820, the New York State Bar Association voiced concern about systems like Gmail because Google used advertising to keep the service free. In return for providing the email service, “the provider’s computers scan e-mails and send or display targeted advertising to the user of the service. The e-mail provider identifies the presumed interests of the service’s user by scanning for keywords in e-mails opened by the user. The provider’s computers then send advertising that reflects the keywords in the e-mail.”  The obvious problem is that if we’re using the email system for client work, then we’re allowing the provider to scan confidential information. 

The NY authorities, however, said that all of this was okay.  Even though the email messages are scanned humans don’t actually do the scanning.  Rather, only computers engage in that task.  Thus, they stated that “merely scanning the content of e-mails by computer to generate computer advertising…does not pose a threat to client confidentiality, because the practice does not increase the risk of others obtaining knowledge of the e-mails or access to the e-mails’ content.”  In other words, lawyers had a reasonable expectation of privacy when using the service.

Today there’s been a big change. 

Big.

On September 21, 2018 the Wall Street Journal reported that Google shares Gmail information with its app developers. But what’s important is the type of information that’s being shared and who view it (remember something— here we’re not worried about privacy issues related to data sharing…this is different…this is about the lawyer’s duty to protect confidential information).  The WSJ article revealed that:

Google Inc. told lawmakers it continues to allow other companies to scan and share data from Gmail accounts…the company allows app developers to scan Gmail accounts…outside app developers can access information about what products people buy, where they travel and which friends and colleagues they interact with the most. In some cases, employees at these app companies have read people’s actual emails in order to improve their software algorithms. [emphases added]

Did you get that last part? There are real human beings who are reading the contents of Gmail messages.  What we know from NY Opinion 780 is that if human beings are reading the lawyer emails, then lawyers no longer have a reasonable expectation of privacy in Gmail.  

Sure, we lack some specific data about which emails are read, but that doesn’t change the conclusion.  We might not know if lawyers’ messages in particular were included in the messages that were scanned.  But that’s sort of exactly the problem — we don’t know.  And we don’t have any way to control or restrict the app developers from reading anyone’s emails, including our practice-related emails.  Because of that reality I don’t think that lawyers have a reasonable expectation of privacy in using Gmail any more.  Our duty to protect client confidences set forth in Rule 1.6 precludes us from using the service.  I’ll tell you the truth, it actually looks like no one — lawyer or otherwise — has a reasonable expectation of privacy with the platform.  That’s why I think lawyers need to stop using Gmail for practice related matters immediately.

Share

I have no idea why they wrote this opinion…

In 2018 there as was opinion issued by the American Bar Association and — for the life of me — I don’t understand why they wrote this opinion.

Formal Opinion 481 entitled, “A Lawyer’s Duty to Inform a Current or Former Client of the Lawyer’s Material Error” was issued on April 17, 2018.

There’s nothing so earth shattering about requiring a lawyer to notify a client when there is material error. In fact, it’s obvious and basic. In fact, the drafters of this opinion go through a bunch of advisory opinions from across the country and confirm that the requirement has been around for a while. At one point they even admit that they’re really not presenting anything new.  In addressing those other opinions they state, “These opinions provide helpful guidance to lawyers, but they do not—just as we do not—purport to precisely define the scope of a lawyer’s disclosure obligations.” 

Um…okay. 

So why are you wasting this paper? 

The next sentence sorta tells us: “Still, the Committee believes that lawyers deserve more specific guidance in evaluating their duty to disclose errors to current clients than has previously been available.” ABA Op. 481 at 4

If there’s any value to the opinion, it’s in the definition of when an error is considered to be “material.”  They state, “…a lawyer must inform a current client of a material error committed by the lawyer in the representation. An error is material if a disinterested lawyer would conclude that it is (a) reasonably likely to harm or prejudice a client; or (b) of such a nature that it would reasonably cause a client to consider terminating the representation even in the absence of harm or prejudice.” ABA op. 481 at 4.

Oh, but this only applies if the client is a “current” client. That’s because even though a lawyer must inform a current client of a material error, “Rule 1.4 imposes no similar duty to former clients.” ABA Op. 481, at 7. 

Thanks for this guidance.  I think. 

Share

A little advice to avoid phishing scams

 

There’s only so much that virus scanning/blocking software can do to protect lawyers against cyber threats.  That’s because one of the primary ways the bad guys gain access to our computer systems is by human error- when someone in our office clicks on an attachment or link and lets the bad guys in the door.  Toward that end, here’s some advice about avoiding a common trap: If it’s scary, be wary.  The bad guys are sending emails that are designed to be scary in order to motivate you to click on their evil link.  If you see something super scary, pause and take steps to verify it’s validity.

Share

Add this to your firm policies right now

A recent opinion in Virginia made it clear for all lawyers— if your firm doesn’t have an  impaired lawyer policy, you need to create one.

Many lawyers aren’t aware that ethics rules require you to stop representing a client if you, individually, develop some material impairment.  Rule 1.16(a) says, “…a lawyer shall not represent a client or, where representation has commenced, shall withdraw from the representation of a client if…(2) the lawyer’s physical or mental condition materially impairs the lawyer’s ability to represent the client…” Essentially, this is a duty to act.  Your required action, is if I become materially impaired, I must withdraw. But a recent opinion went further and held that that there may be a duty to act imposed on other lawyers in the firm.  Specifically, if you’re in a supervisory role, you may need to take some action with respect to an impaired lawyer in the firm.

First, a reminder about the general rule on supervising: Lawyers in a managerial position have a duty to create policies which ensure that other lawyers in the office are complying with the ethics rules. In addition, lawyers who specifically supervise other lawyers need to ensure that the lawyers in their charge follow the rules. Rules 5.1(a) and  5.1(b). Now, on to the impairment issue…

In LEO 1886 (December 15, 2016) the Supreme Court of Virginia asked, “What are the ethical obligations of a partner or supervisory lawyer who reasonably believes another lawyer in the firm may be suffering from a significant impairment that poses a risk to clients or the general public?”  They posited two hypotheticals: one in which a lawyer finds out that there is another lawyer at their firm with a significant substance abuse problem, and the other that portrayed an older lawyer who appears to be suffering the onset of dementia. In both cases, the lawyers’ condition is affecting their work.

Virginia confirmed that, “When a partner or supervising lawyer knows or reasonably believes that a lawyer under their direction and control is impaired, Rule 5.1(b) requires that they take reasonable steps to prevent the impaired lawyer from violating the Rules of Professional Conduct.” LEO 1886 at 3.  The opinion didn’t say that you need to dismiss the lawyer. Quite the contrary, they said that, “the firm may be able to work around or accommodate some impairment situations.” LEO 1886 at 4. But the managerial/supervisory lawyer does need to step in and do something to protect the client’s interests.

The opinion gave some direction for how to deal with this, practically.  They quoted from the ABA’s Standing Committee on Ethics and Professionalism Formal Op. 03-429 and said,

“The first step may be to confront the impaired lawyer with the facts of his impairment and insist upon steps to assure that clients are represented appropriately notwithstanding the lawyer’s impairment. Other steps may include forcefully urging the impaired lawyer to accept assistance to prevent future violations or limiting the ability of the impaired lawyer to handle legal matters or deal with clients.”

Here’s the dangerous quirk— not only do lawyers need to accept their duty to deal with this situation after the impairment issues have surfaced, but the opinion explicitly states that this issue should be considered ahead of time, in law firm policies. I’m not so sure that many firms have accounted for this in their HR docs. Specifically, the opinion states:

“In order to protect its clients, the firm should have an enforceable policy that would require, and a partner or supervising lawyer should insist, that the impaired lawyer seek appropriate assistance, counseling, therapy, or treatment as a condition of continued employment with the firm. For example, the firm could recommend, encourage or direct that the impaired lawyer contact Lawyers Helping Lawyers for an evaluation and assessment of his or her condition and referral to appropriate medical or mental health care professionals for treatment and therapy. Alternatively, making a confidential report to Lawyers Helping Lawyers may be an appropriate step for the firm. The firm or its managing lawyers might instead find it necessary or appropriate to consult with a professional medical or health care provider for advice on how to deal with and manage an impaired lawyer, including considering options for an “intervention” or other means of encouraging the lawyer to seek treatment or therapy.” LEO 1886 at 5.

And don’t forget, if the impaired lawyer violated the rules by, perhaps, neglecting a client’s matter, the firm/supervisors may be required to report that lawyer under Rule 8.3(a). I’m sure you’re aware of that duty, but I can see a firm trying to help an impaired lawyer get better, but allow the reporting duty to slip through the proverbial cracks.

The moral of this story: if your firm doesn’t have an impaired lawyer policy, you need to create one.

Share

Why lawyers might need two cell phones

Mixer cell phonesThe next ethical landmine for lawyers is located in our cell phones. Specifically, I think we are very close to the point where lawyers need to have two devices— one for work, and one for our personal use.  Here’s why.

The Wall Street Journal recently reported that cell phone sales growth have stagnated.  After years of incredible growth in sales, the pace of that growth has subsided significantly. The new frontier, the article claims, is in mobile device software. Specifically, the future lies in “frictionless computing.”

Amazon’s Echo speaker, which uses Alexa, and Snap Inc.’s new Spectacles, camera-bearing sunglasses, are examples of what Benedict Evans, partner at venture-capital firm Andreessen Horowitz, calls “frictionless computing”—easy-to-use devices that unite applications with hardware beyond smartphones. Ben Schachter, senior analyst at Macquarie Capital, says: “Our view is the next big innovation will be from outside the device—from the software.” He expects increasing use of such software to meet entertainment, health-care, home innovation and automotive needs.

The words that scare me in that quote are “outside the device.” That’s because the increased use of cell phones to connect with external hardware by way of an installed app increases the likelihood that hackers can get access to our devices.  Just this week we saw a similar concern from the medical community.  The Minneapolis Star Tribune reported about the vulnerability of hacking heart devices:

On Monday, the U.S. Food and Drug Administration published a public safety notice confirming it is possible for a hacker to remotely compromise security in St. Jude’s wireless communication network and then secretly change commands in a pacemaker or implantable defibrillator while it’s still wired to a patient’s heart….
…“As medical devices become increasingly interconnected via the internet, hospital networks, other medical devices and smartphones, there is an increased risk of exploitation of cybersecurity vulnerabilities, some of which could affect how a medical device operates,” the FDA’s Monday safety alert says.

While that isn’t frictionless computing when using a cell phone, it is an external device controlled by computers via wireless communication. In that regard, it is an analogous problem.  And that problem is clear: once we start to increase the use of that type of wireless communication between devices, we increase the chance that hackers can wreak havoc.  Yes, many of these opportunities to exploit our devices have existed for a while, but the concern I have is the increased chance of compromising our data.  As the use of this technology grows, there are more and more opportunities for phishing, wireless hacking, etc.  Thus, as frictionless computing becomes more prevalent it greatly increases the opportunity for the hackers to get at our information.

Personally, I’m willing to take the risk. I like using these devices, I understand the potential hacking problem, and I am willing to accept the downside in order to make use of this new technology. I am willing to put my personal information at risk.  I am not, however, willing to put my client’s information at risk.

Many of us use our personal devices to access work information.  We like to have remote access to notes apps like Evernote and cloud storage sites like DropBox.  We text our clients and receive work emails, and that’s all sent to/from our personal device.  It’s that same device that will be used to engage further in frictionless computing— many of us are probably Alexa addicts already, for instance.  To date, we feel comfortable mixing business and personal use because we put password protections on the device and take other reasonable measures to protect client information.  But at some point, vulnerabilities will increase to such an extent that the definition of what constitutes “reasonable measures” will change. I am concerned that the increased use of frictionless computing is hastening that change.

Today it might be reasonable to put a password to restrict access to the phones.  But if frictionless computing is going to increase the opportunities for bad guys to hack into our devices, then  it might not suffice to simply have a password or thumbprint barrier to access our phone.  The prudent move might be to get another device all together for work matters. Maybe that work device won’t be used for frictionless computing at all.  Maybe the security measures we take with that work-only device will be more stringent than our personal device.  Then, we can make use of the wonders of frictionless computing, etc., without taking unreasonable risks that compromise client information.

Bear in mind that this isn’t about eliminating risk. Risk can never be completely eliminated. The question we need to ask is, “when does the risk expand to a point where it’s necessary to take some different action?”  As usual, there is no way to discern exactly when we have crossed that line.  But it’s my job to tell you when the warning signs appear.  Well…boom, they’ve appeared.  Keep your eyes open and make the move when you think it’s warranted. Just don’t get blindsided.

Share

You, personally, gotta know your stuff

4F8K4ADXK8

I recently spoke at a law firm about the ethical implications when lawyers use technology.  I was talking about lawyers who choose to store client information in the cloud and  I explained how the lawyer needs to understand the technology associated with the cloud storage site that the lawyer may use.  I explained that Rule 1.1 (Competence) demands that we, personally, understand those details.  It was exactly then that a very irate lawyer shot up his hand and barked at me, “I’ll just bring my IT guy with me and point to him.  I’ll tell that committee to talk to HIM about it, then I’ll leave.”  While I was itching to answer in an obnoxiously New Jersey manner, I noticed that the angry lawyer was the only man in the room who happened to be older, white haired, male, and wearing a suit.  He had “managing partner” written all over him.  It was at that point that I figured I’d soften the edge on my reply, lest I not be invited back to the firm.  I (ever so gently) explained that it was the lawyer’s individual responsibility to understand the technology and that we would not be permitted to simply bring our support staff to a grievance and wash our hands of the situation.

 

I thought of this today because I was reading the Alaska Bar Association Ethics Opinion No. 2014-3.  That opinion addressed the ethics of using cloud services, and there is one sentence in particular that stood out.  The opinion reminds us that, “Because the lawyer’s duties of confidentiality and competence are ongoing and not delegable, a lawyer must take reasonable steps to protect client information when storing data in the cloud.” Op. 2014-3 at 1-2. The key words, of course, are “ongoing and not delegable.”

 

Our duty of competence is a personal requirement.  Sure, we can employ support staff to assist us with our practice, but the ultimate responsibility to maintain our competence lies with us.  That lawyers would not have been able to simply bring his IT guy to the grievance and throw him to the disciplinary wolves.  In fact, if he tried to do that I think he might get bit himself.
Share