Jean-Nicolas Bouilly (1763–1842) said, “Whatever we possess becomes of double-value when we have the opportunity of sharing it with others.” But fellow Frenchman Edgar Quinet (1803–1875) saw it differently: “What we share with another ceases to be our own.”
There is nothing new about attorneys sharing an office, but the more virtual the office, the greater the sharing of facilities beyond real estate. Yet, a shared physical office and a shared virtual office operate under the same ethical reigns. Ethics rules lag far behind the advances in technology that have made virtual practices workable, so risks are inherent in using or ignoring new technology in a shared office.
Office-Share Ethics 101
A number of bar association opinions present minimum suggestions for lawyers who share an office: keep phone lines and file cabinets separate, lock file cabinets and doors, and mind how names are listed at the door so no one is misled into thinking there is an association that does not actually exist. (For more, see “Lawyers Sharing Office Space” by Thomas K. Byerley, State Bar of Michigan)
ABA Model Rule 7.5 generally prohibits lawyers from practicing under a false or misleading firm name or letterhead. Also, most jurisdictions consider it inappropriate to use the term “of counsel” to refer to a lawyer who merely shares office space but with whom there is no close or ongoing working relationship.
Measures suggested by the Colorado Bar Association include:
- Separate message pads for each attorney.
- Separate in-boxes and out-boxes, preferably in attorneys’ separate offices.
- Prohibitions on conversations about matters in public areas and reception rooms.
- “No paper” policies in libraries or conference rooms.
- Separate folder passwords for each attorney’s documents on shared computers.
Securing Data in a Shared Physical Office
In “Confidentiality in a High-Tech World,” author Steven Masur asked a low-tech question: “Are your paper files secured in locked cabinets?”
I don’t think we ever locked our file cabinets back in the olden days, even in shared offices. Oh, we bought file cabinets with locks, but we didn’t use the locks—trusting, were we, that nobody else would have such interest in all that paper to warrant thievery. (Even today, you just know there are still lots of offices that don’t get locked up at the end of the day until the cleaning staff finishes.)
Yeah, security was simple back then. Documents were printed on big, heavy paper and filled up all the file cabinets stuffed into the “file room.” Wall space wasn’t for art but for the hundreds of volumes of case books and annotated codes we needed.
Ironically, given that libraries are now on the Internet and our files are now stored on clouds or itty-bitty computer drives, we no longer need to be as concerned about tangible property so much as we have to worry about securing intangible data. If your data is secure, your door locks become less critical.
Look at it this way: If your data can be intercepted or accessed, it can be taken or exposed by someone who does not need physical access to your office. Furthermore, even if you are never targeted or victimized by a hacker breaking into your system, access to your cloud-stored files and data can still be interrupted by attacks on other Internet systems, or technical problems involving your own hardware or that of your service provider.
That lawyers have no affirmative duty to encrypt e-mail seems well known. Don’t be misled, though. That you don’t have a duty to encrypt doesn’t mean that you can’t. If you work in a shared office setting, there are some things you should secure by encryption or otherwise, whether or not your e-mail is encrypted, too. Every type of Internet connection, wireless router, etc., must be secured or you will be inviting Big Trouble. (Pay attention: Network printers have been found to be infected with the Blaster and Sasser worms, and even refrigerators can connect to the Internet these days.)
Of course, security is kind of a double-edged sword. You cannot make it more difficult for a stranger to access your stuff without making access more difficult for you, too. For instance, if you set your computer virus software to its maximum, super-duper level of protection, you’ll waste lots of time responding to alert messages, and you won’t be able to reach certain websites at all.
Another thing: Although it complicates the procedure for starting up, if you’re not already using your computer’s startup password feature, begin doing so immediately. Better you should leave your purse or wallet sitting out on a table than a computer full of broad-ranging confidential information that anyone can get into just by pushing the “on” button. Likewise, set a password for your screen saver so that you don’t have to turn your computer off every time you leave it unattended. (Don’t bother protecting your screen saver unless you also protect your startup procedure; otherwise, your screen saver password can be evaded by simply turning the computer off and on again.)
Some computers come with fingerprint scanners. They not only provide much greater security, it’s way more fun to feel like Jack Bauer on 24 by swiping your finger than it is to just type in a password.
Securing Data in a Shared Virtual Office
Sharing server storage on a cloud needs special consideration. These things are run by private companies with their own sets of rules and protocols, often shaped by the laws of whatever jurisdiction in which they happen to operate.
To minimize the likelihood of needing to argue over any such legal, contractual, or jurisdictional issues, encrypt whatever you’re sending to the cloud—before you send it. That way, no interceptor, insider or outsider, will be able to access and read the contents of your files.
Many cloud providers offer their own encryption services. But encrypting documents after they are received means the cloud service employees may be able to read them until that is done. This is why you should encrypt your own documents before sending them cloudward. Also, make sure the cloud service uses a secure Internet connection for transferring your files. That, too, will protect them before they alight.
New Tech, New Ways to Share, New Headaches
Sharing is becoming more prevalent because new technology makes us share. WordPerfect, which evolved from the dedicated word-processing machines in use before personal computers, is a better word processor than Microsoft Word. Microsoft designed Word to process text for shared communications, so it naturally generates a lot more metadata. Yet, many people have given up WordPerfect’s superior document editing and creation tools for Word’s collaboration facility, and put up with the extra steps needed to remove metadata from documents before they are sent out.
Think about commercial advertising for a minute. Every Internet service ad is about sharing—sharing videos, sharing data, sharing plans, sharing minutiae that no one needs and that shouldn’t be divulged. Prior advertising has featured sharing, too. “Think Blue” was IBM’s message to collaborators before that became a baseball team slogan. GE’s commercials showed its technology being used by doctors in remote locations sharing information for the benefit of kids and people with serious diseases. Now, Facebook’s home page urges you to “connect and share with the people in your life.”
Attorneys, like normal people, are using new technologies and social networks to conduct and promote business. But attorneys must be more circumspect. A Danish proverb counsels, “shared sorrow is half sorrow.” It’s just the opposite for lawyers: double sorrow, at least.
Notwithstanding the ABA Commission on Ethics 20/20, which has been considering the impact of technology and globalization on the legal profession, the rules for sharing real and virtual offices, at bottom, are the same. Don’t hold yourself out in cyberspace in any way that would not be appropriate for your actual front door.