Between You and Me, Why Worry about Security?

By James Ellis Arden

[I]n 1966, there were no personal computers, no Internet, no BlackBerrys, no teleconferencing, no emails, and the only person who had a two-way wrist radio was cartoon character Dick Tracy. Today, largely because of the benefits of modern technology . . . lawyers throughout the United States regularly participate in teleconferences and group email sessions with other lawyers in other states. . . . (Winterrowd v. American General Annuity Insurance Co., Nos. 07-56541, 07-56711 (9th Cir. Feb. 17, 2009)

The ethics are complex enough anytime a lawyer contracts with his or her client. Negotiation adds another layer of ethical complexity because negotiators sometimes make decisions that clash with their own ethics. Well, if you contract with your client and you and your client then contract together with your client’s adversary and an adversarial lawyer, all planning to negotiate and collaborate on the Internet, your hatches should be well battened.

Not only does the success of a given collaboration depend on the ethical rules imposed on the collaborators,  but the security of the collaboration will be limited by the weakest link among the collaborators. The participants in a collaboration to draft documents need mutually workable hardware and software to communicate and share document drafts. Like security, technological ability may be limited to the collaborators’ lowest common denominator.

You can minimize some risks if your collaboration agreement contemplates the process as well as the responsibility for final document production. Whether or not you use encryption to protect sensitive documents, for instance, you still must be discreet when sending out documents in electronic form straight from your computer; unlike a document from your printer, you can’t “see” the one sent out directly over the Internet, nor can you see the electronic baggage that accompanies it, sometimes called metadata.

Most metadata is innocuous. Typical metadata might identify the computer system or the printer used. It might identify the name of the user or the time a given document was created, edited, or printed. Various programs are available to “scrub” metadata from a document before it is e-mailed, and many of them are free. However, because different jurisdictions have different rules about discovery as well as attorneys’ duties upon receipt of inadvertently disclosed confidential communications, a collaboration agreement involving multiple jurisdictions should take such into consideration.

Many documents are transmitted as PDFs (“portable document format,” developed by Adobe Systems) because PDFs carry very little metadata. PDFs look the same to sender and recipient and can be made very difficult to edit. But if you are collaborating on a project, the documents you are sending back and forth probably need to be editable by some or all of the collaborators. This means instead of PDF, you’ll most likely want a word processing format such as Word or WordPerfect.

Your choice of word processing software also has ramifications for security. For instance, if everybody in the collaborative group uses Microsoft Word, then that software may work best. On the other hand, WordPerfect creates a lot less metadata.

Some of the differences between the two result from the divergent purposes for which each was designed. WordPerfect’s raison d’être is word processing. It evolved from the dedicated word processing machines in use before we had personal computers. WordPerfect does word processing. That’s it.

Microsoft, on the other hand, intended Word to be the word processing tool for sharing electronic communications. Whereas WordPerfect was designed for processing text, Word was actually intended for collaboration. But ironically, because by design Word creates lots of metadata, superfluous formatting codes, and printer information and because it uses secret, undocumented formats, many argue it is not a suitable document-exchange format.

Even so, many people collaborate using Word. One reason is its double-edged sword, called “Track Changes.” To be sure, Track Changes creates lots of metadata; but by keeping track of such things as who worked on a document, when work was done, and when and what edits were made at any given time, a fairly complete version history can be created—which might be useful to some collaborations.

Be aware, though, that Track Changes causes more than a little embarrassment to those who do not know or understand what they are doing. Last year, in a piece entitled, “This is Not a Metadata Problem,” the Connected Lawyer ( wrote of a business plan submitted to a venture capitalist with all of the tracked changes and comments intact. Some of the comments included: “When you talk through this point on your slides, make Chanukah jokes, he is Jewish and will get them,” “I’d delete this section since we don’t have these features on the roadmap and haven’t figured out how to code this unless you believe the investors won’t catch this,” and “VCs [venture capitalists] are typically stupid when it comes to this section so be prepared for a dumb question blizzard.”

If you use WordPerfect, your problems might arise from the “Undo/Redo” function. Go to “Undo/Redo History” options and make sure that “Save Undo/Redo items with document” is not checked. That way, when you e-mail someone a WordPerfect document you worked on, the recipient won’t be able to open your WordPerfect document and see how it evolved simply using “Undo.”

Security in the realm of electronic collaboration does not just help preserve ethical standards; it enables us to do our best. As Charles Darwin said, “In the long history of humankind (and animal kind, too) those who learned to collaborate and improvise most effectively have prevailed.”

James Ellis Arden practices law in the Los Angeles, California, metropolitan area and specializes in litigation, attorney ethics, and client relations. He may be reached at .

Copyright 2009

Back to Top