By Joseph S. Berman
Editor’s Note: Joe Berman and his colleague at the BBO, Stacy Best, will lead an hour-long breakout session entitled “Ethics Involving Remote office Matters and Shared Office Space,” at the Association’s Spring Conference on Tuesday, May 1st in Norwood.
Starting in May of last year, I have had the privilege of serving as General Counsel at the Board of Bar Overseers. Prior to assumingthis position, I was in private practice for over twenty years, including several years as a mediator and arbitrator. I was honored to be on REBA’s panel of neutrals, and I have many happy memories of helping litigants resolve their real estate disputes. Since a new job provides the opportunity to take a look at things with a fresh perspective, I want to discuss the role of the BBO and my view of its future in an evolving profession. Many of these changes will be of direct interest to the real estate bar.
Like practitioners in every profession, lawyers are facing rapid change, and it’s critical that our ethical rules and standards keep up. Not surprisingly, technology is at the top of the list. When I was in law school, I typed papers and exams on a Smith-Corona typewriter. Computerized legal research was done on the law library’s dedicated Westlaw computer terminal, which was the size of a small refrigerator. Today, we carry the entire library in our pocket and we are as likely to communicate with clients via text message as a formal letter.
With all the benefits of technology come challenges. The most important of these concerns protection of client confidences. Rule 1.6 of the Rules of Professional Conduct requires lawyers to protect confidential information relating to the representation of a client. The rule expands beyond the limits of the attorney client privilege. It extends to any confidential information gained during or relating to the representation of a client, whatever its source. Since 2012, Rule 1.6(c) has required lawyers to make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, confidential information. Thus, attorneys must take affirmative steps to guard against improper disclosure.
In our technology-based world, there two additional sources of authority. The first is Comment 8 to Rule 1.1, the rule that sets forth the general standard of competence. The comment, added in 2015, explains that competence is not limited to legal knowledge or skill. Competence includes keeping abreast of changes in the law and its practice, “including the benefits and risks associated with relevant technology.” As a baseline level of competence, the ABA Commission on Ethics 20/20 opined that every lawyer needed to be able to use email and create an electronic document. But, that’s only the starting point. Lawyers need to be adept at multiple technological tasks. In the twenty-first century, it’s not enough to be a skilled lawyer, with knowledge of statutes and case law or the ability to eloquently argue a case. Fulfilling one’s ethical duties of competence now encompasses adroit use of technology. As our clients become more sophisticated, they will expect their lawyers to be as well.
This year, the American Bar Association issued Formal Opinion Number 477, which governs the duty to safeguard client confidences. The opinion states that lawyers may have to take special security measures to protect client information. The ABA’s Ethics Committee declined to impose a “hard and fast rule,” but advised a “reasonable efforts” standard to identify appropriate security measures responsive to specific risks. In practice, this means that lawyers will have to use different security measures depending on the sensitivity of the information; the likelihood of disclosure if additional measures are not taken; the costs and difficulty of implementing additional measures; and the extent to which the safeguards adversely affect the lawyer’s ability to represent clients by, for example, making technology excessively difficult to use. Thus, some emails may have to be encrypted. A law firm will have to make sure that it has adequate firewall protection against hacking. It will have to make sure that its network is password-protected. These are minimum standards. Depending on the client or the case, more security may be required. We may be nearing a time when all electronic communications must be encrypted, and every device must be password-protected.
Lawyers, particularly real estate practitioners, are prime hacking targets. We routinely hold sensitive information, such as medical records, bank records, social security numbers, and other identifying information. The safeguards we use may be less robust than those used by our clients, particularly institutional clients. And, the information we possess may be less voluminous and easier to access than the information stored by our clients. The Rules of Professional Conduct (as explicated by the recent ABA opinion and comment 8 to Rule 1.1) require attorneys to be competent in protecting data and confidentiality. Lawyers will have to stay abreast of changes in technology, particularly with regard to cyber security. Since many of us do not have sufficient experience in this realm, we may need to hire vendors or IT professionals. I also would urge attorneys to consult the Law Office Management Assistance Program (LOMAP), which has resources for helping with technology.
Another important issue for the bar involves emergency and succession planning. Emergency planning demands some degree of common sense and foresight. Lawyers should have plans in place in case of natural disasters, acts of terror, or electronic hacking. At a basic level, this requires back-up systems and the knowledge how to use them. In the age of cloud computing, it’s relatively straightforward to store data in more than one physical location. Reducing paper is beneficial in many ways, including making lawyers less susceptible to physical theft or damage. But for remote data storage to work properly and securely, lawyers must follow proper procedures and must have the ability to retrieve data easily. This circles back to our basic duty of competence. Every lawyer and law firm should have an emergency plan.
Succession planning is another important issue, particularly for solo practitioners, but law firms of every size should have in place a plan in case of the sudden unavailability (by death or disability) or disappearance of an attorney. There should be clear, written instructions for handling client matters as well as general law firm business (e.g. payroll and rent). Attorneys should designate a person (or persons) to act in their place, they should discuss the plan with their successor, and they should make sure that the successor understands the scope of the request and agrees to do it. Appointment of a successor lawyer could be established through a power of attorney or a more detailed agreement, which both parties would sign. The effectiveness of any succession depends on an efficiently-run law office. Lawyers need to keep an up-to-date list of matters and clients with current contact information as well as multiple copies of a calendar with all deadlines. There should be an office manual for items such as computers, accounting, phones, and bank accounts.
The point of raising these issues is not to give lawyers heart palpitations. None of this is difficult or costly. But, as the economy changes around us, the legal profession must stay current. Keeping abreast of technology is an aspect of competent, ethical practice. And planning for emergencies is like an insurance policy against possible problems. It is better to confront them now, rather than react later. With a few small ounces of prevention, lawyers can focus on what brought us into the profession in the first place: advising and counseling our clients.
General Counsel to the BBO, Joe Berman is a member of Lawyers Weekly’s Board of Editors. The opinions expressed here are his own and do not necessarily represent the position of the Board of Bar Overseers. Joe can be contacted by email at J.Berman@massbbo.org.