Management Assistance Program on www.OKbar.org

OBA-MAP

The Benefits and Risks Associated with Relevant Technology

The technology and best practices used by lawyers to serve their clients and manage their practices has been a frequently discussed topic over recent years. For Oklahoma lawyers, there is a new reason to increase the attention paid to technology now. By order dated Sept. 19, 2016, the Oklahoma Supreme Court amended the Oklahoma Rules of Professional Conduct (ORPC) to incorporate several changes, many relating to technology. These changes were based on modifications to the ABA’s Model Rules of Professional Conduct that were passed in 2012. 

One of those changes incorporated what some commentators have referred to as the ethical duty of technology competence. According to Robert Ambrogi, who tracks adoption of these rule changes at his Lawsites blog, Oklahoma is the 24th state to adopt this rule change. This change is contained in comment [6] to ORPC 1.1. The language added by amendment is underlined. The comment now states:

Maintaining Competence.

[6] To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject, including the benefits and risks associated with relevant technology.

This rule change would be considered obvious to some, considering how critical technology is to the operation of all sorts of businesses today. But it also could be concerning for other members of the bar who are not confident with their understanding of technology advances

WE DON’T ALL LOVE TECHNOLOGY

Today we all have a love-hate relationship with our personal technology. We love it when it conveniently works as we believe it should and hate it when it doesn’t operate according to our expectations and we cannot figure out why. But while the pervasive use of technology has changed our lives and changed society, our profession has sometimes tended to have more hate than love for the technology we use. 

In 1997 when I was first hired to create the OBA Management Assistance Program, there was a debate about the proper role of technology in the law office with many lawyers forcefully stating their position that computers were a tool for legal secretaries, but not for lawyers to personally use. Once when I wrote an early column on technology tips for the Oklahoma Bar Journal, I received an angry letter from a reader indicating that computers should only be used by lawyers for legal research and word processing, with everything else being a waste of time.

The perceived antipathy of lawyers toward technology advances has been criticized by some. But this tendency is actually quite understandable. Our training is to rely on precedent, which often boils down to using court opinions issued in the past to predict future decisions by judges. Technology advances during the last several decades have been both unprecedented and unpredictable. 

Traditionally few of those entering the legal profession had a background in subjects like engineering and mathematics. Our background has been more of arts and letters than of computer science. Texas Supreme Court Justice Don R. Willett, who has a notable and active Twitter account (@JusticeWillet), was asked what made him decide to go to law school and tweeted in response, “I was told there would be no math.”

Today we are long past the point of debating whether lawyers should use information technology. One of the hallmarks of a small law firm becoming a medium-sized law firm is when they decide to hire full-time dedicated IT staff.

It is also easy to misunderstand this requirement. There is no need for a lawyer to become an IT professional. Actually for many lawyers it would be a dangerous situation to become overly involved in many do-it-yourself IT projects. The key is to know what you don’t know, which is to say you need to understand when help from an IT professional may be required. 

For example, litigators today need to understand how electronic discovery works and the application of the federal rules, litigation hold principles and the differences in evidentiary value between discovery materials produced in image-only format versus native format. These are areas of traditional legal work. When there is a suspicion that information has been tampered with, the lawyer also should appreciate that a digital forensics review could uncover the wrongdoing.

This does not mean that the lawyer should personally know how to do a digital forensics analysis. Often the analysis would be assigned to an outside provider.

It should also be noted that the Florida Supreme Court adopted changes to its ethics rules the week after the Oklahoma Supreme Court did, making Florida the 25th state to adopt this requirement, albeit with slightly different language. The Florida Supreme Court also added the following language that other states’ rules do not have:

Competent representation may also involve the association or retention of a non-lawyer advisor of established technological competence in the field in question. Competent representation also involves safeguarding confidential information relating to the representation, including, but not limited to, electronic transmissions and communications. 

The Florida Supreme Court also required that Florida lawyers must now complete a minimum of three hours of CLE every three years “in approved technology programs.” This makes Florida the first state to require technology-based continuing legal education. 

There are other Oklahoma ethics rule changes as well. Most are related to changes in the way we work with technology today. 

ORPC 1.0 Terminology - In the definition of writing in section (n), “e-mail” has been replaced with “electronic communications.” In comment [9] discussing screening measures the word “materials” was replaced with “information, including information in electronic form.”

ORPC 1.4 Communication - Comment [4] was amended by replacing “Client telephone calls should be promptly returned or acknowledged.” with “A lawyer should promptly respond to or acknowledge client communications.”

ORPC 1.6 Confidentiality of Information - A new subsection (c) has been added:

 Rule 1.6 (c) A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.

Comments [16] and [17] to ORPC were amended as well as shown below:

Acting Competently Reasonably to Preserve Confidentiality

[16] Paragraph (c) requires a A lawyer must to act competently reasonably to safeguard information relating to the representation of a client against inadvertent or unauthorized disclosure by the lawyer or other persons who are participating in the representation of the client or who are subject to the lawyer’s supervision. See Rules 1.1, 5.1, and 5.3. The unauthorized access to, or the inadvertent or unauthorized disclosure of, information relating to the representation of a client does not constitute a violation of paragraph (c) if the lawyer has made reasonable efforts to prevent the access or disclosure. Factors to be considered in determining the reasonableness of the lawyer’s efforts include, but are not limited to, the sensitivity of the information, the likelihood of disclosure if additional safeguards are not employed, the cost of employing additional safeguards, the difficulty of implementing the safeguards, and the extent to which the safeguards adversely affect the lawyer’s ability to represent clients (e.g., by making a device or important piece of software excessively difficult to use). A client may require the lawyer to implement special security measures not required by this Rule or may give informed consent to forgo security measures that would otherwise be required by this Rule. Whether a lawyer may be required to take additional steps to safeguard a client’s information in order to comply with other law, such as state and federal laws that govern date privacy or that impose notification requirements upon the loss of, or unauthorized access to, electronic information, is beyond the scope of these Rules. For a lawyer’s duties when sharing information with nonlawyers outside the lawyer’s own firm, see Rule 5.3, Comments [3] -[4].

[17] When transmitting a communication that includes information relating to the representation of a client, the lawyer must take reasonable precautions to prevent the information from coming into the hands of unintended recipients. This duty, however, does not require that the lawyer use special security measures if the method of communication affords a reasonable expectation of privacy. Special circumstances, however, may warrant special precautions. Factors to be considered in determining the reasonableness of the lawyer’s expectation of confidentiality include the sensitivity of the information and the extent to which privacy of the communication is protected by law or by a confidentiality agreement. A client may require the lawyer to implement special security measures not required by this Rule or may give informed consent to the use of a means of communication that would otherwise be prohibited by this Rule. Whether a lawyer may be required to take additional steps in order to comply with other law, such as state and federal laws that govern data privacy, is beyond the scope of these Rules.

ORPC 4.4 Respect for Rights of Third Persons - This was amended to make it clear that a lawyer who receives either a document “or electronically stored information” that the lawyer knows or should know was sent inadvertently shall promptly notify the sender.

There were several additions to comment [2] relating to this situation. Generally the comment states that any additional steps that may be required are outside the scope of these rules and that metadata only creates a notification obligation under this rule if the lawyer knows or reasonably should know that the metadata was inadvertently sent to the receiving lawyer.

Our esteemed Rules of Professional Conduct have more technology-based references today. Such references should be expected given that almost every aspect of business operations today has more to do with technology than in the past, as do many aspects of our personal and professional lives.

Cyber security is an important issue, both for the protection of clients’ information you may possess and for your personal information. An annual (at least) discussion with staff about not clicking on unexpected attachments or links in emails from unknown senders is not just a law firm best practice, it is a best practice for every type of business that uses email.

BE A JETSON

A general counsel addressing a group of lawyers stated that she still saw a lot of “Flintstones” versus “Jetsons” when addressing technology in firms she has dealt with. Be a Jetson.

But how? Lawyers are trained to research until an answer has been found or until the research is no longer producing useful results. Technology awareness doesn’t work like that today. What is true today may not be true tomorrow when a new invention is unveiled or a software bug is discovered. Technology fuels societal changes, with both positive and negative results. A recent speaker at a legal technology conference opined that today all businesses are first and foremost media businesses and must communicate their message before they have the opportunity to attempt to sell goods or services.

The OBA has a program scheduled for Nov. 2 called “Essential Business Skills for Lawyers” as part of the OBA Annual Meeting. (No Annual Meeting registration required to to enroll.) This program contains a lot of information about using technology tools. See the box on this article’s first page for more information.

Additionally, read the OBA E-News. It includes technology and practice management tips in every issue. You can also visit my blog at www.lawpracticetipsblog.com to read more about technology tips and tools.

Your law practice has become, at least in significant part, a technology business. This happened without your approval or consent. You may take some consolation from the fact that this is what has happened to most businesses today. We all have to understand the risks and benefits of relevant technology today and that was true even before it was officially enshrined into our Oklahoma Rules of Professional Conduct.

Mr. Calloway is OBA Management Assistance Program Director.  Need a quick answer to a tech problem or help solving a management dilemma?  Contact him at 405-416-7008, 1-800-522-8065 or jimc@okbar.org.  It's a free member benefit!


Originally published in the Oklahoma Bar Journal -- October 15, 2016 -- Vol. 87, No. 27