Oklahoma Bar Journal
Safeguarding Client Property and Confidentiality in the Digital World
By Jason Christopher
There is not a single practicing lawyer who is unaffected by the evolution of technology over the past 15 years. The use of smartphones has revolutionized the practice of law. Most lawyers have one – many lawyers spend most of the practicing day squinting at tiny screens. Lately it seems we see more of the tops of lawyers’ heads in a courtroom than their eyes. Some are “conducting client research” on Facebook, some are battling level 458 of Candy Crush, but most are communicating with their offices, messaging clients, checking emails or reviewing relevant law. The smartphone is the new computer, and texting is the new phone call. While technology has fundamentally changed the manner in which we communicate with clients, the rules of ethics with respect to communication remain the same.
THE EVOLUTION OF EVIDENCE
Every lawyer knows the cardinal rules of practice: don’t steal client funds, don’t violate confidentiality and be an advocate. Oklahoma Professional Rule 1.15 commands that we safeguard our client’s money – placing retainers in the trust account and moving only what is earned. However, Rule 1.15 requires more from an attorney than simply safeguarding client funds – it also requires protecting the client’s property, including evidence provided to the practitioner. With the advance of technology and the use of smartphones, the rule has become more problematic for attorneys who practice trial work, whether it be family, civil litigation or criminal defense.
For example, just a few years ago, divorce and child custody attorneys primarily relied upon testimony of witnesses to relay to the court their position of what was in the best interest of the children. Mothers and fathers would each tell the court about their own stellar parenting skills, testify about the outrageous conduct of the other parent and then the court would have to sort out the truth. Proceedings were heavy on hearsay and short on exhibits. Such is not the case anymore. Parents communicate almost exclusively via text message and, often against the advice of their attorney, video every interaction and record every phone call. This development has resulted in clients handing over more property to the attorney than ever before.
The new normal is that clients dump hundreds of pages of text messages, photographs and videos on their attorney by thumb drive, email and even via text. Attorneys must search for the case-winning needle in the electronic haystack. Legal counsel also must protect the data just as closely as one would a firearm or a stock certificate and also must provide the data to the client upon request.1 To further complicate matters, those documents and files are often saved in an electronic format and stored on a server located in an office or in the cloud.
PROTECTING ELECTRONIC CLIENT DATA
How does the practicing attorney properly safeguard the client’s property in an electronic format? What about the recent news of weaponized ransomware and the nightmare scenario it poses for law firms? How many lawyers have “accidentally” clicked on a suspect link which infects the computer with some sort of virus. I have been guilty of a clicking error in the past by falling for the “I Love You” virus about 15 years ago in the Atoka County District Attorney’s Office. The virus was embarrassing in that it emailed everyone in your address book an “I love you” message, but it was fairly be-nign as viruses go. Times have certainly changed. A simple click can expose your entire server to being hacked, controlled by malicious third-parties and held for ransom. A breach such as this, even the result of an illegal act, can expose the lawyer to discipline by the Oklahoma Bar Association, not to mention unhappy clients. Imagine the difficult conversation with a client whose sensitive information to which you have been entrusted is suddenly in the hands of a hacker from Russia. There is no adequate explanation available.
Rule 1.6 of the Oklahoma Rules of Professional Conduct sets forth the ethical requirement in this scenario, no matter what form the information takes. Lawyers must “act competently to safeguard information relating to the representation of a client against inadvertent or unauthorized disclosure by the lawyer or other persons who are participating in the representation of the client or who are subject to the lawyer’s supervision.”2
At a minimum, this requires a firewall and updated security software for a practice. I, a partner in a small firm of four lawyers and six employees, enlisted the assistance of OBA Management Assistance Program Director Jim Calloway. Under his direction, a new firewall and an improved electronic back up schedule were implemented. The firm has wholeheartedly embraced Jim Calloway’s exhortation to use the cloud. Finally, the firm has made every effort to counsel our staff and each other to think before clicking. If someone does not recognize a message, treat it with an abundance of caution and either delete it or quarantine it. Another word about Jim Calloway – his technology blog is informative and easily accessible. Further, if you have a technical question not found in the blog, he is always eager to help.
CONFIDENTIALITY OF ELECTRONIC DATA
Client confidentiality is equally paramount to safeguarding our client’s property. Lawyers certainly know what can and cannot be repeated from a client, but electronic communication creates its own unique set of problems. It is easy to forget that the texts with your client are considered communications and are covered by Rule 1.6 and as such, require special protection. What if a lawyer allows someone to borrow his or her phone to make a call or to look at a photograph? How many privileged conversations are contained on your smartphone in text messages or emails from a client? If using iMessage, are those messages on multiple platforms, like an iPad or iMac? Can they end up on a family iPhone using the same Apple ID? What happens to those conversations when someone upgrades to the new iPhone X? Are they deleted forever when deleted or can they be retrieved? These are important questions to consider when communicating with clients. Ask electronic experts the right questions to ensure those client communications are as confidential as verbal ones.
Lawyers should set a unique password on smartphones and other electronic devices – better yet a thumbprint if offered as a protection option to unlock it. Lawyers who use social media to communicate with clients should keep account logins secure. Lawyers who use Dropbox or other file-sharing applications should follow the same protocol.
Also, there are other ethical concerns when communicating with the public on social media platforms. Lawyers must be careful with “cold calls” online such as strangers who seek legal advice by messenger and must advise them to call for an appointment at the office to run a proper conflict check, making it clear that talking to them via messenger does not constitute an attorney-client relationship. Finally, lawyers should be cautious about what they share on social media – never share any detail of a case which would identify a client or the case. Social media can be a wonderful marketing tool, but it can also pose a host of ethical problems.
While the advance of technology creates new challenges for attorneys, adherence to old rules will continue to uphold the integrity of the profession. Client property and confidentiality are still paramount. Attorneys should treat text messages like they would conversations, and private pictures and emails just as they would stock certificates and bank records. If it was important enough for the client to give to the lawyer, it is important enough to protect. Our clients expect it, and the law requires it.
ABOUT THE AUTHOR
Jason Christopher is from Ada where he is a founding partner of Sweeney, Draper & Christopher. His primary areas of practice in-clude criminal defense and civil litigation. He graduated from the OU College of Law in 1997. He is a former member of the OBA Evidence Code Committee, and a current associate bar examiner for ethics. He is an adjunct professor of criminal law at East Central University. He also serves as municipal judge in Tupelo and city attorney for Fitzhugh.
1. State ex rel. Oklahoma Bar Ass’n v. Chapman, Okla., 114 P.3d 414 (2005), See also State ex rel. Oklahoma Bar Ass’n v. Landman, Okla., 784 P.2d 1064 (1989).
2. Rule 1.6 Oklahoma Rules of Professional Conduct.
Originally published in the Oklahoma Bar Journal -- OBJ 88 pg. 2415 (Dec. 16, 2017)