Make no mistake about it: if you are a lawyer, technology is your next best friend. Comes right after that first, human best friend: the one you can have a conversation with. But when you’re working on the fly, nothing and no one can replace that special little device that never leaves your hand and hardly ever rings anymore, but sure dings a lot to tell you have email or text. And when you’re sitting in the doctor’s office waiting until s/he actually has time for you, that ding just might save your case.
So while you are waiting impatiently, you decide to check your email. It’s from your office, and has a copy of a settlement agreement in a case you’re aching to keep out of a courtroom. You pull up the agreement and read through it. The few changes opposing counsel made seem acceptable, except one little phrase you really don’t like. You delete the phrase and send the copy straight back to opposing counsel for signature. You are so elated you can hardly control yourself. Until you hear that tiny little voice of your staff: “Don’t ever email anything straight back to opposing counsel from your phone because it doesn’t have metadata removal software.” And you just pray that the document was cleaned before it was sent to your phone.
Yes, technology is a blessing. It enables you to run your office much more efficiently and reduces your overhead. But it also requires attention and care. You had never even heard of metadata until the insurance carrier asked if you had a metadata removal tool in place. And when you looked at the increase in insurance costs if you didn’t, you immediately contracted with a metadata removal service provider to install the necessary software. That way, it would cover everyone’s desktops and laptops that served as some executive’s desktops, but who traveled a lot. The executives were trained to immediately send to their secretaries any documents they drafted, altered, or which were altered by opposing counsel while on the road.
But no one, not even the insurance carrier, had given thought to needing the same protection on your mobile device. Maybe because your next best friend used to be a phone. It’s a conceptual leap—documents and phones—that is hard to make.
What Is Metadata?
Metadata is invisible data embedded in the content of any work document containing information about the information in the document. Frequently, the information metadata contains could be confidential.
Now, we all love one of the great conveniences of computing called redlining. We create a template of a specific document that can be used multiple times for different clients by changing some key elements and all the facts that differ from client to client and case to case. But the basic format is there.
Typically, when the changes are made by emailing the document back and forth between you and your client(s), we all use the redlining function, that indispensable “track changes” feature that enables us to see what changes were made and who made them in the drafting process. Once everyone agrees to the contents of the document, it is finalized by accepting all changes to produce a clean copy. It’s emailed and/or e-filed, and we’re all good. Maybe.
Remember those little red or blue or green lines showing the changes, identifying the person who made them and the date and time of the change? That’s metadata. And guess what— it never goes away by itself. This allows anyone with very rudimentary forensics skills to “mine” the document for confidential information. And if the document has been used by a previous client who had commented on the contents of the template in another case, well, that’s there too.
Legal opinions vary from state to state regarding the nature of a lawyer’s duty to ensure their edocuments are clean. But opinions are beginning to emerge by the ABA (see Legal Technology Resource Center—Metadata Ethics Opinions Around the World), Colorado, Vermont, Maryland, West Virginia, and Massachusetts. Most of them lean toward allowing the discovered metadata to remain with opposing counsel. Sometimes this can be simply embarrassing; other times, it can damage your case.
The Growth of the Use of Mobile Devices
Now let’s take a look, for a moment, at the growth in use of mobile devices. In “Going Mobile: The Rise of the Mobile Platform,” Tom Mighell and Dennis Kennedy state: “2009 has been the year of the smartphone. Lawyers are moving from traditional email access with a BlackBerry to apps and mobile browsing on iPhones and other smartphones.” They are not alone in their observations. The rise in importance of the mobile device for business purposes and the requirement for security solutions to be put in place to cover usage of these devices is also reflected by the number of analyst reports and other surveys that were published in the latter part of 2009. The ABA Tech Survey 2009 reported that 82 percent of its respondents use PDAs/Smartphones/Blackberry when away from the office, rising to 95 percent when looking just at large law firms.
The ABA survey also showed that email is the most likely to be used feature on PDAs/Smartphones/Blackberrys. And business enabling applications specifically for mobile devices, such as document editing, have been consistently introduced since the advent of the first RIM Blackberry. Businesses are now able to provide their mobile workforce with access to many of the same business tools they have on their office-based or laptop computers. With the increase in the storage space and the display on smartphones, the likelihood that documents are stored on these devices has also increased. In other words, in 5 years, your smartphone, in whatever new and app-capable version that will be available by then, will be your laptop.
The Metadata/Mobile Security Gap
The metadata/mobile security gap: oh, we didn’t think of that. Fortunately, someone else did. The company is 3BView.
A survey conducted by 3BView in October 2009 made it clear that only 58 percent of law firms with fewer than 50 attorneys even recognized the risk of data leakage via document metadata in general. Of the group that did recognize the risk, the majority of tools in place are on desktops and/or laptops, with only 3 percent having a metadata removal tool that automatically covers all of their firm’s mobile devices. To understand the level of risk of document metadata leakage from mobile devices, consider the following findings from the 3BView survey:
- 84 percent of respondents forward emails with documents attached via their mobile devices, with 69 percent doing so on a daily or weekly basis;
- 43 percent of the legal professionals surveyed reported attaching a document to an email that is being sent out through their mobile device at least once per month. This represents the majority of the respondents who have access to centralized document storage;
- 26 percent of the respondents claim to attach a document to an email on a daily or weekly basis.
The risk commences from the simple step of forwarding a document via a mobile device, as the originating metadata is generally retained during internal review and iteration, and then inadvertently passed on to the opposing counsel via the Blackberry, iPhone, or Netbook et al.
With the increase in features available to aid editing of documents, particularly on smartphones, it is becoming ever easier to make changes to a document when out of the office. As the availability of document review and editing features increases, so will the risk of inadvertent leakage of information via document metadata.
Attorneys must consider the potential problems created by metadata in connection with their use of mobile technology. Just as they employ software solutions for metadata on their computers, they should use it on their mobile devices. 3BView developed one solution for this problem, 3BClean, a server-based software system that automatically removes metadata from documents as they are emailed.
3BView also created a cloud-based solution that may be more practical for the solo or small firm and has launched 3BCleanDocs. This service enables you to benefit from enterprise-grade metadata removal solution without the need to install and manage the software.
Donna Seyle is founder/coach of Law Practice Strategy, a resource center and training/consulting service for solos and small firms using emerging law practice systems. She blogs and speaks extensively on topics related to the significant changes in the legal profession and the resulting opportunities in this economic and technological environment. Her legal background includes 22 years as a real estate and business lawyer as a law firm associate, in-house counsel, and sole practitioner.
© Copyright 2010, American Bar Association.