An attorney keeps her client files on the hard drive of her laptop. These files include confidential and sensitive client information, and attorney-client communications. Leaving a dentist appointment, she discovers that her car’s windows have been smashed and that the property inside the car — including her GPS and her laptop — have been stolen. She has not yet backed-up some of the data on the hard drive and cannot now duplicate the file for the client.
The client is furious. The lawyer is mortified. Is she also unethical?
This was one of several enticing hypotheticals discussed on a panel at the ABA Business Law Section’s Annual Meeting this month. The panel, titled What You Need to Know About Ethics 20/20 and Why You Need to Know It,was scheduled at 8:00 a.m. on a Saturday during a meeting held in Las Vegas, and it was pretty near a sell-out.
Ethics 20/20 is the curiously named initiative that began in 2009 to review the entire Model Rules in light of changes in technology and the practice. Some of its recommendations will be brought to the ABA House of Delegates at the Annual Meeting in August 2012, and others may be advanced at the ABA Midyear Meeting in February 2013. This panel offered a glimpse of some of the problems with which the Commission has wrestled.
Our friend with the broken window was referred to Rule 1.6 when her client lodged an ethics grievance arising from the incident. That rule strictly forbids disclosure of client information. The complaint was dismissed but the Las Vegas panel suggested that the ethics reviewers may not have appreciated just how negligent the attorney had been — no back-up, no cloud, no encryption, not even a password barrier to prohibit anyone in possession of the laptop to gain all of its information. A proposed new Rule 1.6(c) would impose an obligation to exercise “reasonable efforts” to prevent unauthorized or inadvertent access to client information.
Another hypothetical was pointed at the Las Vegas meeting: A lawyer receives an email from a client with respect to strategies for an unannounced hostile tender offer, along with a directive that the lawyer respond very promptly. The lawyer notes that the client’s email was sent from a hotel through its public wi-fi system and is neither secure nor encrypted. Can the lawyer breach ethical obligations by virtue of the manner in which he responds? Absolutely yes, says ABA Opinion 11-459. A lawyer must warn the client of the risks of communications conducted on open, public internet channels. “This obligation arises, at the very least, when the lawyer knows or reasonably should know that the client is likely to send or receive substantive client-lawyer communications via e-mail or other electronic means, using a business device or system under circumstances where there is a significant risk that the communications will be read by a third party.”
Mobility, as well as technology, raised interesting ethical concerns. A partner in Firm A expresses interest in joining Firm B. Among the inquiries posed by the prospective firm is the lawyer’s “portable” client list (to determine whether conflicts would arise with the firm’s existing client base) and the nature and billing amounts of his work for those clients (to determine the economic value of the new prospective partner to the firm). May the firm ask, and may the lawyer disclose, either or both? Yes, but only to a point, says the proposed new Rule 1.6(b)(7). Rule 1.6(a) states the attorney may not disclose client confidences except in circumstances set forth in 1.6(b)(1-6). The proposed new exception (7) would provide that the information can be disclosed to the extent necessary to determine conflicts of interest, and may be used only for that purpose. Proposed Comment 13 explains that such disclosure, while important and even necessary in cases of mergers or transfers between firms, nevertheless may not take place if revealing the information could be adverse to the client.
Among the many other examples, this last one confirms what we all learned in law school: That “ethics” doesn’t mean “logic.” An attorney admitted in England is asked to come to America to render advice on English law to a firm’s New York client. May she do so? No, says Rule 5.5, which forbids the practice of law (i.e., rendering legal advice) by a person not admitted to practice in the jurisdiction in which the advice is rendered. So the English lawyer stays in London and counsels the client using Skype. Any problem? None at all.
(The Commission is proposing a “temporary practice” revision of Rule 5.5. But ain’t life a wonder?)
