Risky Communication: Protecting Digital Attorney-Client Privilege
Our digital connection to work is often so constant that we forget to draw the line between personal and professional. You may want to draw that line more clearly based on a recent ethics opinion released by the American Bar Association (ABA). In short (full opinion), the ABA tells attorneys that they need advise clients that attorney-client privilege may not exist if clients use a work computer, work email, or a public device (e.g., library computer) to communicate with their attorneys. So how does this apply to you?
A Problem at Work
Letâ€™s say you have an issue with your employer that escalates to a lawsuit. Because, the theory goes, the employer has ready access to your computer and your accounts (and may even be using keystroke software):
â€œClients may not be afforded a â€˜reasonable expectation of privacyâ€™ when they use an employerâ€™s computer to send e-mails to their attorneys or receive e-mails from their attorneys,â€ continues the opinion. â€œEmployers often have policies reserving a right of access to employeesâ€™ e-mail correspondence via the employerâ€™s e-mail account, computers or other devices, such as smartphones and tablet devices, from which their employees correspond.â€
In some ways, this aspect of the opinion shouldnâ€™t be a huge surprise. Itâ€™s the second part of the opinion about public devices that may present the bigger conundrum.
Public, Not Private
We take public access to the Internet for granted. From conference halls to coffee houses, we expect to access our digital accounts at any time and in any place. For some, Internet access may only be available via a local library. But despite the convenience, that which is public is very rarely private.
Do you think twice when your computer asks if you want to connect to an unsecured Wi-Fi network? How many of you have dropped into the hotelâ€™s business center for a quick email or to print an attachment? If you are not using a personal computer on a secured network, then you must lower your expectations that your activities will remain private. You, and who youâ€™re communicating with, are very much on public display.
Who Do you Trust
The ABA takes the position that by using what constitutes as a public device, youâ€™re leaving yourself open to a breach in attorney-client privilege. While you may not login to a public computer at the library or a hotel very often, the ABA opinion explicitly mentions third-party access. How many of us havenâ€™t thought twice about letting friends check their email or share a computer with a spouse? This third-party access puts you at risk when it comes to protecting attorney-client communications. In her review of the ABAâ€™s opinion, attorney Stephanie Kimbro noted that:
â€œAny third partyâ€ gaining access could be anything from using an unencrypted cloud-based app to a risk of clicking on a link in a SM application that puts malware on their system whether itâ€™s on the work computer, laptop or other mobile device.
So it may not even be a person physically using your computer that could constitute access by a third party.
The point here isnâ€™t so much about communicating in general with your attorney via employer or public devices but rather about what you communicate. In both situations you canâ€™t assume a reasonable expectation of privacy, which is the key to maintaining attorney-client privilege. And the potential risk of third party access via software is yet another reminder of why itâ€™s so important to protect against viruses and malware. Itâ€™s more than your data at risk; itâ€™s also your legal rights.
Over the Open Air
Interestingly enough, the ABA has taken the position that â€œin general, a lawyer may transmit information relating to the representation of a client by unencrypted e-mail sent over the Internetâ€¦because the mode of transmission affords a reasonable expectation of privacy from a technological and legal standpoint.â€ However, I havenâ€™t been able to find mention of whether this still applies if someone is using an open/public network. If you use the same reasoning as that related to third parties with access to your devices, then it leads me to believe (as someone who is most definitely not an attorney), that the same caution should apply to emailing your attorney sensitive details while using public networks.
New Technology, New Rules
Thereâ€™s no question that the ease of electronic communication makes it tempting to shoot emails to anyone and everyone. As this ABA opinion makes clear, we need to think twice when it comes to sensitive communications. Despite passwords and even encryption, we canâ€™t assume that weâ€™ll have our privacy protected no matter what, so think twice before hitting send in public.