GPSolo Magazine - June 2005
Coming of Age on Ethics and the Internet
The emergence of the Internet during the past decade as a conventional communications, research, and law practice management tool has resulted in greater awareness of the ethical consequences of its use by lawyers and the organized bar. Although technology continues to outpace the rules that govern lawyers, the existing rules, with minor revisions, have generally been able to accommodate Internet use in law practice.
One aid has been a steady growth of articles and ethics opinions that guide lawyers through electronic practice. Although a handful of early ethics opinions were soon obsolesced by developing technology, it is now clear that many ethical risks involved with the Internet can be managed through training, technical support, and considered professional judgment. In addition, some states and, more recently, Congress have passed laws governing the use of e-mail and the Internet. Although the rules restricting cross-border practice seem to be broadening, lawyers still must give careful attention to the specific rules of jurisdictions in which they use electronic communications to deliver online legal services.
Lawyers in almost every area of practice have by now realized the necessity of electronic proficiency, at least for access to research and information and for communications with clients, courts, and the public. Internet developments are rapidly advancing the law and have significantly increased the public’s access to legal services. Lawyers currently do not have to demonstrate familiarity with Internet use for competency. It is not out of the question, however, that this may someday be included in evaluating lawyer competence, or be at least one factor in the accepted standard of care for professional liability. The duty of competence requires thorough preparation for handling a particular matter and could one day include a standard for electronic methods and procedures.
One ongoing debate concerns whether Internet communications are less secure than traditional forms of communication. Lawyers at one point worried that unencrypted e-mail communications with or about clients violated the principle of confidentiality. The prevailing view today is that e-mail poses no greater risk of interception or disclosure than commercial mail, landline telephones, and faxes. Most states agree that an electronic communication between an attorney and client does not waive confidentiality solely because it occurs online. Privileged communications are vulnerable to theft and interception, but most states recognize a reasonable expectation of privacy. State and federal laws today impose civil and criminal penalties for the unauthorized use and interception of electronic communications. See 18 U.S.C. §§ 2510-2521.
The protections afforded by these laws, however, do not alleviate the lawyer’s responsibility to manage the security and privacy risks inherent in electronic communications. The overriding principle is that e-mail requires the same levels of concern for protecting confidentiality and preserving the client’s privilege as do other forms of communication. Although encrypted e-mail is not required for lawyers, it could be considered a standard if the content is sufficiently sensitive that its use is in the client’s best interest.
Lawyers must be aware of the characteristics of various e-mail systems and employ appropriate security measures in transmitting sensitive client information. Lawyers recently were advised, for example, to exercise reasonable care to prevent the disclosure to opposing counsel or other third parties of confidential client information contained in hidden “metadata” in electronic documents. N.Y. State Bar Ass’n Formal Op. 782 (2004). It is good practice to discuss the means by which a lawyer and client will communicate confidential information and choose a compatible electronic means of communication that is suitable for the client and the client’s matter.
Installing a software firewall, establishing a private website for communications with a particular client, and using password protections for sensitive documents help preserve confidentiality online. Firewalls are increasingly important because lawyers are spending more time online and may have DSL connections that are always logged onto the Internet.
Firewalls and passwords are particularly appropriate when lawyers share space or communicate via the Internet in an unsecured environment, for example, where a lawyer communicates highly sensitive information on a computer maintained at an Internet café. In addition, lawyers have learned—sometimes the hard way—that simply deleting a file or an e-mail does not fully erase it from a hard drive. Thus, knowing about options for destroying electronic information is also a necessary tool in preserving confidentiality.
Unfortunately, the Internet and its many applications have contributed to an increase in the inadvertent transmission of information to a party other than the intended recipient. Most lawyers typically include a notice in e-mail communications that the message is confidential and is intended to be read only by the recipient. These notices, however, may not be adequate to cover all circumstances, and their overuse may reduce their effectiveness.
Courts and bar association ethics committees have wrestled with defining the ethical obligations of an attorney who inadvertently receives an opposing party’s confidential information. Some courts have taken the view that an attorney who innocently obtains confidential information, without misconduct on the attorney’s part, is under no ethical obligation to notify or return the materials to opposing counsel. The generally accepted view, however, is that a lawyer who receives a document relating to the representation of another lawyer’s client and knows or reasonably should know that the document was inadvertently sent must promptly notify the sender. See ABA Model Rule 4.4(b). Preserving the attorney-client privilege and maintaining confidentiality and fairness outweigh the burden imposed on the sender in waiving the privilege; in addition, it becomes the receiving attorney’s ethical obligation to promptly notify the sender, who then can take protective measures.
The decision whether the receiving attorney has the additional obligation to return the documents or information to the sender, or whether the privilege has been waived, is beyond the scope of Model Rule 4.4(b). Some state courts require immediate notification about and return of clearly privileged documents. This was the view adopted earlier in ABA Formal Opinions 92-368 and 94-382. Whether the addition of Rule 4.4(b), which requires only prompt notice to the sender, supersedes the obligation to also return the privileged information remains to be seen. Lawyers should check the rules, ethics opinions, and case law in their jurisdiction.
The Internet efficiently reaches countless people in need of legal advice and services. Internet law practice (e-lawyering) includes giving online legal advice and preparing documents and legal products for consumers. Law firms have discovered that the Internet makes it easy to provide limited, task-based legal services, an activity also known as “unbundling.” Lawyers are able to team with Internet providers to provide interactive forms for consumers, with the lawyer providing the professional content and the Internet provider supplying the medium through which the forms are accessed. Consumers can peruse a menu of products and services on the Internet and request limited, task-based services that the lawyer offers at a reduced cost. The legal services the lawyer provides are “unbundled” from other traditional legal services lawyers offer clients.
Several states permit rendering online legal services subject to the same constraints that govern other methods of delivering legal services. Some states have developed ethical guidelines for online practice, which include (1) posting intake forms on the attorney’s website that allow conflict checking before the lawyer responds to a legal inquiry; (2) protecting confidential information from prospective clients and from clients who contacted the lawyer via e-mail and whom the lawyer has agreed to represent; (3) requiring that the lawyer render legal advice with competence; (4) precluding the sharing of legal fees with a non-lawyer Internet provider; and (5) precluding the lawyer’s giving advice to clients in jurisdictions in which the lawyer is not licensed to practice, unless permitted by the rules of that jurisdiction.
As technology has become more sophisticated, legal services are now available through various Internet applications, including the use of application service providers (ASPs) and extranets. An extranet provides a web-based interface clients use to check the status of their cases or legal matters, review documents, access databases, and interact with their attorneys. ASPs offer a variety of online legal products and services, including document assembly, collaboration tools, e-mail, and file storage.
A fair amount has been written on the ethical risks of using ASPs. Ethical concerns include attorney-client confidentiality, conflicts of interest, competence, impermissible fee sharing, and the need for proper diligence. So far, little guidance has come from courts or bar associations, but it is unlikely that lawyers and law firms will be precluded from utilizing ASPs and other Internet applications in the delivery of legal services. Instead, lawyers will remain ultimately responsible for ensuring that their use of web-based technology is compatible with applicable ethics standards. Reasonable precautions include disclosing to the client the capabilities and limitations of the particular web-based service being offered (standard disclaimers may not be enough), implementing procedures to protect electronic client files and information, backing up data, and avoiding conflicts of interest where the ASP provides similar services to other parties involved in the client’s case or legal matter. An attorney should find out whether a particular ASP is willing to disclose the names of its other clients.
Law Office Support Services
The increasing array of software products and ASPs offer lawyers a wide variety of electronic back-office functions that include web-based calendaring systems, case management and litigation support programs, time and billing services, document management, and accounting services. Most of these capabilities involve the outsourcing of confidential data and information and thus raise security questions regarding the reliability of the service provider, as well as the fit between the lawyer’s needs and the service. The efficiency and cost benefits of these technologies can be significant, particularly for solos and small firms, and it is not realistic to conclude that the ethical risks will invariably outweigh their advantages. Lawyers making use of these systems, however, must understand each particular application, negotiate appropriate contracts with vendors, and supervise the online support services as diligently as they do those in-house.
One example of this involves lawyers’ responsibilities in maintaining client files. Electronic media have changed traditional ideas of what constitutes the client file, and lawyers must consider what information belongs to the client and is accessible to the client during the representation, and what information must be delivered to the client or successor counsel upon termination of the engagement. Client documents and information can exist electronically in various on- and off-site locations, rather than in a traditional client file. Examples include e-mail communications, Internet databases, and extranets.
Lawyers also are learning, sometimes by an unfortunate experience, that electronic storage and retrieval of client documents and information can be complicated and that electronic file materials belonging to the client can become irretrievable (e.g., if the software to read the files no longer exists) or can be simply misplaced or damaged in previously unimagined ways. Storing and maintaining client documents and information electronically must not only be secure but must also be accessible and retrievable over time.
Online advertising for legal services has spawned disparate rules and statutes throughout the country. Some state law governing lawyer advertising is outdated and in need of revision. The California legislature, for example, passed a series of laws in 1993 regulating electronic and mass media lawyer advertising, primarily in response to concerns over lawyer advertisements on television. See California Business and Professions Code § 6157 – 6159.2. Because the statutes include the term “computer networks,” the penalties and other restrictions also apply to attorney websites, a recognized form of lawyer advertising. See California State Bar Formal Opinion 2001-155.
Lawyers will continue to have to reconcile a host of differing ethical standards in seeking to advertise the availability of their services on the Internet in more than one jurisdiction. However, several common themes have emerged despite these disparate rules. Lawyer websites generally are viewed as advertising under the lawyer’s home state’s ethics rules; electronic advertising is permitted subject to the particular state counterparts to Model Rules 7.1 through 7.5. The primary determinant is that a communication concerning a lawyer’s services must not be false or misleading; that is, it must not contain a material misrepresentation of fact or law or omit a fact necessary to make the statement as a whole not materially misleading. To avoid unauthorized practice of law concerns, using disclaimers and disclosures on websites and e-mail communications is generally recommended to notify users where the communicating attorney is authorized to practice and who are the intended recipients of the communication. The effectiveness of disclaimers, however, remains to be seen.
Many states require that e-mail advertisements, like regular mail, be labeled as “advertising materials” at the beginning and end of the communication, and that the communication include the name and office address of at least one lawyer or law firm responsible for its content. Some states require filing a web home page with the state bar; others require that only changes (or “material” changes) to the site be filed.
Most states require lawyers to keep copies of their electronic communications for a specific period of time, although the ABA recently deleted this archiving requirement in Model Rule 7.2(b). Generally, an attorney must exercise reasonable control over the content of information about the lawyer in a commercial website or legal directory operated by an ASP that markets the particular lawyer’s services.
A number of advertising issues remain unresolved. For example, Model Rule 7.3(b) was changed in 2002 to prohibit a lawyer from soliciting professional employment from a prospective client by “real time” electronic contact such as a chat room unless that person is also a lawyer, a family member, or someone with a close personal or prior professional relationship with the lawyer. Ethics opinions in a number of states including Florida, Michigan, Oregon, Utah, Virginia, and West Virginia have reached the same conclusion. Other states either have not addressed the issue or, like California, have concluded that chat room communications with prospective clients do not invariably constitute prohibited solicitation. See Cal. State Bar Formal Op. 2004-166.
Whether a domain name (web address/URL) constitutes an electronic address or firm or trade name has not been fully resolved, although the Model Rules were amended in 2002 to treat a domain name as a communication under the advertising rules. See Model Rule 7.5. Lawyers to date do not have sufficient guidance to determine the status of metatags (embedded terms that can affect the results of a search), and the extent to which a lawyer or law firm is responsible for the content of hyper- links also remains unresolved.
Lawyer advertising is also regulated by the federal CAN SPAM Act of 2003 (Controlling the Assault on Non-Solicited Pornography Marketing Act of 2003), 15 USC § 7701 et seq. The Act applies to any commercial electronic mail message with a primary purpose of commercial advertising or marketing, including content of websites operated for commercial purposes. The Act regulates both direct senders of spam and those that procure spamming services. An attorney’s awareness of but failure to prevent “spammers” from promoting the attorney’s services can result in liability under the Act.
Along with other restrictions, the Act requires that e-mail advertisements include a valid return address, a physical postal address, and an indication that the e-mail is a solicitation. Commercial e-mails must also include an opt-out mechanism and must not have false or misleading “header” information or deceptive subject lines. The Act expressly preempts state laws that regulate commercial e-mail, except to the extent that they prohibit false or deceptive e-mail messages or attached information.
During the next few years, the challenge for the legal profession will continue to be managing electronic communications to serve clients and preserve the integrity of the attorney-client relationship, protecting confidentiality of client information, and rendering legal services with a level of competence and professional independence as that required in the traditional face-to-face environment.
Mark L. Tuft is a partner with Cooper, White & Cooper, LLP, in San Francisco, where he specializes in representing attorneys and law firms on professional responsibility and liability matters. He is a vice chair of the California State Bar Commission for the Revision of the Rules of Professional Conduct and is an adjunct professor at the University of San Francisco School of Law, where he teaches legal ethics. He is also a co-author of the California Practice Guide on Professional Responsibility. He can be reached at email@example.com.