Can't Live with Them, Can't Live without Them—Ethical and Risk Management Issues for Law Firms That Adopt a “BYOD” Approach to Mobile Technology

Bring-your-own-device (“BYOD”) is an approach to mobile technology that permits access to a company's computer network and email system through employee-owned mobile devices. This article outlines the ethical risks triggered by BYOD and provides suggestions for developing a comprehensive data security policy for mobile devices that will help mitigate the risks posed by the adoption of a BYOD approach to mobile technology. Part II addresses the impact of technology on the legal profession and discusses how technology has fundamentally altered the delivery of legal services. Part III reviews the lawyer's duty of competence and addresses how that duty includes knowing the risks and benefits of technology and what that ethical duty entails. Part IV outlines the various risks triggered by the adoption of a BYOD approach to mobile technology. Part V addresses a lawyer’s ethical duty to safeguard information and communications against technology-based risks, and Part VI outlines a law firm's obligation to have measures in place that provide reasonable assurance that its lawyers are conforming to the Rules of Professional Conduct and that the conduct of its nonlawyer assistants is compatible with those professional obligations. Part VI includes a discussion of ethics opinions addressing cloud computing because mobile devices and the cloud go hand in hand. Part VII provides recommendations for law firms adopting a BYOD approach to mobile technology, and the article concludes with a sample policy addressing data security for mobile devices in Part VIII.

Steven M. Puiszis