GPSOLO September 2009
Costly Technology Gotchas
Technology can certainly make you more effective and efficient, but you should be careful to guard against some inherent dangers in using it. To help ensure that technology doesn’t bite you where it can hurt most—in the form of ethics and malpractice threats—here are tips for you to follow. Although you may have heard some of them before, all bear repeating throughout your firm.
Be aware of the dangers of metadata. When you create or edit just about any document on your computer (such as Microsoft Word, Microsoft Excel, or Corel WordPerfect files), hidden information about you and the edits you make is automatically created within the document file. This information, in case you haven’t heard of it before, is called metadata—which can be simply described as "data about data." Think of it as a concealed level of extra in-formation that is automatically created and embedded in every computer file as you work on that file. It is dangerous because it can include past edits, deleted text or tracked changes, and information about others who work on the document—the kinds of things you likely don’t want the client or opposing counsel to see. Thus, if you are e-mailing documents in native format to others, you may be unwittingly sending confidential information to them. Ouch.
Remove metadata from your documents. Being aware of metadata is just the start. The important step is to re-duce or eliminate metadata from your documents before you send them out. Converting files to PDF (portable document format) with Adobe Acrobat or other PDF creators will usually strip out most metadata. For this reason, many firms have adopted a practice of sending only locked PDF documents to clients or opposing counsel, espe-cially if the recipient doesn’t need to edit the document. Also, newer versions of Microsoft Office include features that can identify and strip metadata from documents created in Office applications. There are also metadata scrub-bers that will automatically prompt a user to clean metadata from out-going attachments. Metadata Assistant (www.payneconsulting.com) is one such product that is widely used in law offices.
Don’t share or compromise your passwords. You wouldn’t give your car keys to a complete stranger, so don’t do the same with your passwords.
Beware of e-mail address auto-complete. Having your e-mail software automatically fill in recipients’ ad-dresses is certainly helpful when it comes to saving a few keystrokes or having to remember an e-mail address. But it is also a recipe for disaster: Too often we are hurried and do not confirm an address that the software has filled in before hitting Send. Oops! Just about everyone who has used the auto-complete function will tell you they’ve acci-dentally sent an e-mail to the wrong person. Save yourself the potential exposure to a confidentiality breach by turn-ing off auto-complete.
Who the heck is firstname.lastname@example.org? When adding e-mail addresses to your contacts list, you want to enter full names so it is obvious who a message is going to; the contact’s full name will then appear in your "To" line. When a person is using a generic address like email@example.com, for example, you may have to type the full name in the contacts file as "James Bond." Double-check before you hit "Send." Building on the previous two tips, before you touch that Send button, you should make it a practice always to check and verify that the e-mail addresses in the "To" field are the correct ones.
Check your spam box daily. Spam filters are essential for keeping junk mail out of your inbox. But they can be dangerous, too, because they could erroneously catch a message from your client, opposing counsel, or the court. This is called a "false-positive." So if you don’t check your spam box daily, you could miss an important message (like one that affects a brief you’re in the throes of completing). Most spam filters let you create a "white-list" of parties you know and trust so messages from them will never be stopped. (Google "white-list" if you are unfamiliar with the term.)
Don’t assume that an e-mail was delivered. From reading the previous tip, you know of at least one reason e-mails don’t get through and read. There are loads of others—including e-mail server problems, a wrong e-mail ad-dress, or the recipient simply not opening the message, just to name a few. For this reason, you should always follow up on important messages that you send, and you should always reply to important messages sent to you (even if it is just an initial acknowledgement of receipt). This way everyone involved knows that critical e-mails have been safely received.
Don’t use the "remember me" feature. It is so tempting to let Windows and other computer applications re-member your login names and passwords when they offer to do this. However, while it may make sense for your NYTimes.com access, you should never—repeat, never—have Windows or other programs remember your pass-word for access to any program or system that has sensitive or confidential information in it (as in your computer logon, accounting systems, bank accounts, practice management software, and so on). In the law firm context, this is especially critical for those who use the family computer at home. Letting Windows remember a user name and password gives anyone sitting at that computer full access to the program and all the data in it. Don’t do it!
Never use a public computer to log on to your firm network. Let’s repeat that again—never. Public computers (such as those in libraries and hotel business centers) often have spyware on them that surreptitiously captures login names, passwords, and other data typed in by people using them. This information could be used to compromise the integrity of your network and leave you open to breaches of attorney- client confidentiality. For this reason, typing user names, passwords, or other confidential information on a public computer is an absolute do-not-do.
Don’t let the bad guys in the back door. Require all remote users to have the same level of Internet security on their computers as the law firm has on its. Any computer seeking to access your network must use firewalls, antivirus software, anti-spyware protections, and the like. Otherwise, your entire firm network could be compromised.
Enforce and regularly update your technology use policy. Remember, rules only work when they are current and enforced. Every law office should have an up-to-date and enforced technology use policy, a policy that clearly sets out what people can and can’t do when using office computers and when working on client matters on computers outside the firm’s walls. Incorporating the foregoing tips is a good place to start.
- This article is an abridged and edited version of one that originally appeared on page 42 of Law Practice, March 2009 (35:2).
- For more information or to obtain a copy of the periodical in which the full article appears, please call the ABA Service Center at 800/285-2221.
- Website: www.lawpractice.org.
- Periodicals: Law Practice, published eight times per year; Law Practice Today, a unique, monthly, web-based magazine providing a fresh assortment of articles and resources to supplement Law Practice, the magazine; Law Technology Today, our newest monthly webzine offering information about legal technology issues; and LawPractice.news, a monthly e-newsletter that provides Section news, educational opportunities, book releases, special offers, and more.
- CLE and Other Educational Programs: LPM sponsors more than 100 educational programs annually, including live programs, teleconferences, and webcast seminars.
- Books and Other Recent Publications: More than 90 titles in print, including The Lawyer’s Field Guide to Collaboration Tools and Technologies: Smart Ways to Work Together; The Lawyer’s Guide to Marketing on the Internet; The Lawyer’s Guide to Adobe Acrobat, 3d ed.; Through the Client’s Eyes, 3d ed.; The 2008 Solo and Small Firm Legal Technology Guide.
- Member Benefits: 15% or greater discount on all Law Practice Management book publications; save $65 on Third Thursdays CLE Teleconference Series; save up to $300 on the cost of attending ABA TECHSHOW.
- Events: ABA TECHSHOW; ABA Women Rainmakers Mid-Career Workshop; LPM Law Firm Marketing Strategies Conference; LPM Section Spring and Fall Meetings.
Dan Pinnington is director of practicePRO at the Lawyers’ Professional Indemnity Company (LAWPRO) in Toronto; he may be reached at firstname.lastname@example.org. Reid F. Trautz is director of the American Immigration Lawyers Association’s Prac-tice & Professionalism Center; he may be reached at email@example.com. They are co-authors of The Busy Lawyer’s Guide to Success: Essential Tips to Power Your Practice (ABA, 2009).