Back in the 1990s when email and the Internet were becoming a major method of lawyer communications there was considerable concern whether professional responsibility rules would work with this new technology. After some reflection, ethics authorities realized that the principles of the rules were equally applicable to modern communication systems only needing amendments to emphasize the requirement that lawyers protect client confidences and maintain competence in communication technology.
This resulted in ABA and KBA opinions approving the use of email with cautionary advice on client confidentiality. ABA Ethics Committee Formal Opinion 477R (5/22/17) updated prior opinions with a fresh look at advances in technology and concluded that:
A lawyer generally may transmit information relating to the representation of a client over the Internet without violating the Model Rules of Professional Conduct where the lawyer has undertaken reasonable efforts to prevent inadvertent or unauthorized access. However, a lawyer may be required to take special security precautions to protect against the inadvertent or unauthorized disclosure of client information when required by an agreement with the client or by law, or when the nature of the information requires a higher degree of security.
The Committee cited the factors in paragraph 18 of the Comment to Model Rule 1.6, Confidentiality of Information, to evaluate when special security precautions are required:
Next the Committee offered this guidance for guarding against disclosures:
Kentucky is in line with the ABA Model Rule standards on the use of email by lawyers. KBA Ethics Opinion E-403 (3/1998) included the following guidance for use of email by Kentucky lawyers:
[B]ecause (1) the expectation of privacy for electronic mail is no less reasonable than the expectation of privacy for ordinary telephone calls, and (2) the unauthorized interception of an electronic message subject to the ECPA is illegal, a lawyer does not violate Rule 1.6 by communicating with a client using electronic mail services, including the Internet, without encryption. …. The Committee recognizes that there may be unusual circumstances involving an extraordinarily sensitive matter that might require enhanced security measures like encryption.
To emphasize that Kentucky lawyers must keep up with computer technology the Kentucky Supreme Court promulgated a change effective January 1, 2018 to paragraph (6) Maintaining Competence of SCR 3.130(1.1) Competence:
To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject. (emphasis added)
Make no mistake – it may be an ethics violation or malpractice not to know what you are doing when sending email or any other e-document. The remainder of this newsletter is a review of the variety of ways email raises risk management issues.