Internet Security a Virtual Requirement
by Ed Poll
The American Bar Association's Model Rules of Professional Conduct have no formal ethical prohibition against conducting legal practice over the Internet. In fact, the eLawyering Task Force of the ABA's Law Practice Management Section has created guidelines for such a practice, emphasizing the need for a secure, encrypted website to maintain client confidentiality in representation, retainer terms and online payment.
Otherwise, the task force notes, it would be "difficult or impossible to comply with the rules of professional conduct that deal with … client confidentiality."
It is a lawyer's ethical duty to protect all documents on behalf of clients. ABA Rule of Professional Conduct 1.15 requires that client files be "appropriately safeguarded" and failure to do so is a failure in the overall duty to act competently in the best interests of a client.
But with all online activities increasingly done over wireless connections —whether by laptop or smartphone — where does that leave file confidentiality?
Earlier this year, the California bar issued opinion 2010-179 to address that issue. The opinion identifies what lawyers should consider when contacting clients or sending files over a wireless connection:
In addition to requiring security for client communication and files, they require that a lawyer be competent when measured against the standard of care in the local community. If competitors are using encrypted smartphones for wireless messages, or relying on landlines for such usage, that is the standard of care against which a firm is measured. Firms that don't meet it are willfully less competent — and open to charges of malpractice.
A final note of caution, with ramifications that are still unclear, is the issue of cloud computing, in which software and servers are owned by service providers and reside in a remote "cloud" location.
The firm that uses cloud computing purchases Internet-based document assembly, document management, practice management and time and billing programs just like any other service, but does not control storage or reliability.
That can be a problem because cloud computing services have already suffered major service breakdowns that make programs unavailable — particularly if specialized legal software is not backed up on different servers.
Although no major cloud computing data breaches have been publicized, that possibility also exists. The firm that uses cloud computing does so knowing it may have connection, security or reliability problems. It's a virtual risk that requires careful evaluation.
© Copyright 2011. Edward Poll. All rights reserved. Reprinted with permission from Edward Poll.
Ed Poll principal of LawBiz Management Company, is a nationally recognized coach, law firm management consultant, and author who has coached and consulted with lawyers and law firms in strategic planning, profitability analysis, and practice development. Mr. Poll has practiced law on all sides of the table for 25 years-- as a corporate general counsel, government prosecutor, sole practitioner, partner, and law firm chief operating officer and been a consultant to small and large law firms for 20 years.
The opinions expressed in this article do not necessarily reflect the opinion of ILW.COM.