By Joseph S. Berman
Editor’s
Note: Joe Berman and his colleague at
the BBO, Stacy Best, will lead an hour-long breakout session entitled “Ethics
Involving Remote office Matters and Shared Office Space,” at the Association’s
Spring Conference on Tuesday, May 1st in Norwood.
Starting in May of last year, I have had the privilege
of serving as General Counsel at the Board of Bar Overseers. Prior to assuming
Like practitioners in every profession, lawyers are
facing rapid change, and it’s critical that our ethical rules and standards
keep up. Not surprisingly, technology is
at the top of the list. When I was in
law school, I typed papers and exams on a Smith-Corona typewriter. Computerized legal research was done on the
law library’s dedicated Westlaw computer terminal, which was the size of a
small refrigerator. Today, we carry the entire
library in our pocket and we are as likely to communicate with clients via text
message as a formal letter.
With all the benefits of technology come
challenges. The most important of these concerns
protection of client confidences. Rule
1.6 of the Rules of Professional Conduct requires lawyers to protect
confidential information relating to the representation of a client. The rule expands beyond the limits of the
attorney client privilege. It extends to
any confidential information gained during or relating to the representation of
a client, whatever its source. Since
2012, Rule 1.6(c) has required lawyers to make reasonable efforts to prevent
the inadvertent or unauthorized disclosure of, or unauthorized access to,
confidential information. Thus,
attorneys must take affirmative steps to guard against improper disclosure.
In our technology-based world, there two additional
sources of authority. The first is
Comment 8 to Rule 1.1, the rule that sets forth the general standard of
competence. The comment, added in 2015,
explains that competence is not limited to legal knowledge or skill. Competence includes keeping abreast of
changes in the law and its practice, “including the benefits and risks
associated with relevant technology.” As
a baseline level of competence, the ABA Commission on Ethics 20/20 opined that
every lawyer needed to be able to use email and create an electronic document. But, that’s only the starting point. Lawyers need to be adept at multiple
technological tasks. In the twenty-first
century, it’s not enough to be a skilled lawyer, with knowledge of statutes and
case law or the ability to eloquently argue a case. Fulfilling one’s ethical duties of competence
now encompasses adroit use of technology.
As our clients become more sophisticated, they will expect their lawyers
to be as well.
This year, the American Bar Association issued Formal Opinion
Number 477, which governs the duty to safeguard client confidences. The opinion states that lawyers may have to
take special security measures to protect client information. The ABA’s Ethics Committee declined to impose
a “hard and fast rule,” but advised a “reasonable efforts” standard to identify
appropriate security measures responsive to specific risks. In practice, this means that lawyers will
have to use different security measures depending on the sensitivity of the
information; the likelihood of disclosure if additional measures are not taken;
the costs and difficulty of implementing additional measures; and the extent to
which the safeguards adversely affect the lawyer’s ability to represent clients
by, for example, making technology excessively difficult to use. Thus, some emails may have to be
encrypted. A law firm will have to make
sure that it has adequate firewall protection against hacking. It will have to make sure that its network is
password-protected. These are minimum
standards. Depending on the client or
the case, more security may be required.
We may be nearing a time when all electronic communications must be encrypted,
and every device must be password-protected.
Lawyers, particularly real estate practitioners, are prime
hacking targets. We routinely hold
sensitive information, such as medical records, bank records, social security
numbers, and other identifying information.
The safeguards we use may be less robust than those used by our clients,
particularly institutional clients. And,
the information we possess may be less voluminous and easier to access than the
information stored by our clients. The
Rules of Professional Conduct (as explicated by the recent ABA opinion and
comment 8 to Rule 1.1) require attorneys to be competent in protecting data and
confidentiality. Lawyers will have to
stay abreast of changes in technology, particularly with regard to cyber
security. Since many of us do not have
sufficient experience in this realm, we may need to hire vendors or IT
professionals. I also would urge
attorneys to consult the Law Office Management Assistance Program (LOMAP),
which has resources for helping with technology.
Another important issue for the bar involves emergency
and succession planning. Emergency planning
demands some degree of common sense and foresight. Lawyers should have plans in place in case of
natural disasters, acts of terror, or electronic hacking. At a basic level, this requires back-up
systems and the knowledge how to use them.
In the age of cloud computing,
it’s relatively straightforward to store data in more than one physical
location. Reducing paper is beneficial
in many ways, including making lawyers less susceptible to physical theft or
damage. But for remote data storage to work
properly and securely, lawyers must follow proper procedures and must have the
ability to retrieve data easily. This circles
back to our basic duty of competence.
Every lawyer and law firm should have an emergency plan.
Succession planning is another important issue,
particularly for solo practitioners, but law firms of every size should have in
place a plan in case of the sudden unavailability (by death or disability) or
disappearance of an attorney. There
should be clear, written instructions for handling client matters as well as
general law firm business (e.g. payroll and rent). Attorneys should designate a person (or
persons) to act in their place, they should discuss the plan with their
successor, and they should make sure that the successor understands the scope
of the request and agrees to do it.
Appointment of a successor lawyer could be established through a power
of attorney or a more detailed agreement, which both parties would sign. The effectiveness of any succession depends
on an efficiently-run law office.
Lawyers need to keep an up-to-date list of matters and clients with
current contact information as well as multiple copies of a calendar with all
deadlines. There should be an office
manual for items such as computers, accounting, phones, and bank accounts.
The point of raising these issues is not to give
lawyers heart palpitations. None of this
is difficult or costly. But, as the
economy changes around us, the legal profession must stay current. Keeping abreast of technology is an aspect of
competent, ethical practice. And
planning for emergencies is like an insurance policy against possible problems.
It is better to confront them now,
rather than react later. With a few
small ounces of prevention, lawyers can focus on what brought us into the
profession in the first place: advising and counseling our clients.
General Counsel to the BBO, Joe Berman is a member of
Lawyers Weekly’s Board of Editors. The opinions expressed here are his own
and do not necessarily represent the position of the Board of Bar Overseers.
Joe can be contacted by email at J.Berman@massbbo.org.
