The legal profession used to have the reputation of being the last to adopt new technology. No longer. The longstanding lawyer’s duty of competence has evolved in recent years to include a lawyer’s duty of technological competence. But even what it means to be technologically competent continues to evolve.
The American Bar Association (ABA) and 40 states have amended their ethical rules to include the duty of competence in technology. In the remaining states, some note that the duty of technological competence is implied, even if not expressly written into the current rules.
Lawyer’s Duty of Technological Competence
ABA Model Rules of Professional Conduct Rule 1.1 (“Competence”) provides:
A lawyer shall provide competent representation to a client. Competent representation requires the legal knowledge, skill, thoroughness and preparation reasonably necessary for the representation.
Rule 1.1 has contained the same language since 1983. In 2012, the ABA modified the comments to Rule 1.1 to expressly state that the lawyer’s duty of competence includes a duty to “keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology” (emphasis added). Comment 8 to Rule 1.1 provides, in its entirety:
To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject.
How We Got Here: The Evolution of Technology and Legal Ethics
In the 1980s, the introduction of personal computers and subsequent advances in technology led to an increasing integration of newer technology into the law and its practice. Also in the 1980s, fax machines pervaded the law practice and it became clear that there were “benefits and risks” associated with the technology. The efficiency of transmitting time-sensitive documents by fax greatly increased. The likelihood of inadvertent disclosures, however, increased as well.
On November 10, 1992, the ABA Standing Committee on Ethics and Professional Responsibility issued Formal Opinion 92-368. The opinion noted that advances in technology made it “more likely that through inadvertence, privileged or confidential materials will be produced to opposing counsel by no more than the push of the wrong speed dial number on a facsimile machine.” The opinion concluded that “[a] lawyer who receives materials that on their face appear to be subject to the attorney-client privilege or otherwise confidential, under circumstances where it is clear they were not intended for the receiving lawyer, should refrain from examining the materials, notify the sending lawyer and abide the instruction of the lawyer who sent them.” This opinion was later withdrawn, as discussed below.
Early Ethics Opinions on Email and Metadata
As email became more pervasive in the practice of law, new questions arose about inadvertent disclosure. In 1999, ABA Formal Opinion 99-413 concluded that because email provided a reasonable expectation of privacy, lawyers could use it to communicate with their clients. At the same time, the ABA Standing Committee recognized that some information is so sensitive that an attorney might consider using particularly strong protective measures depending on the sensitivity of the information: “Those measures might include the avoidance of email, just as they would warrant the avoidance of the telephone, fax and mail.”
The rapidly increasing use of electronic documents and email attachments brought about new issues concerning metadata—embedded data in an electronic document that may provide information about the document, such as who authored or modified the document as well as how and when. Ethics opinions about metadata have gone through an evolution of their own. For example, early opinions involving metadata concluded that the receiving attorney had a duty to avoid taking advantage of an inadvertent disclosure. In December 2001, the New York State Bar Committee on Professional Ethics published Opinion 749, in which it concluded: “A lawyer may not make use of computer software applications to surreptitiously ‘get behind’ visible documents or to trace e-mail” because it “constitutes an impermissible intrusion on the attorney-client relationship.” This obligation was subsequently narrowed.
Model Rule 4.4 Narrows the Obligation on Receiving Material Inadvertently
In February 2002, the ABA updated Model Rule 4.4 (“Respect for Rights of Third Persons”) to address email and metadata. In response to criticism of Formal Opinion 92-368, the amendments further “narrowed the obligation of the receiving lawyer.”
Model Rule 4.4(b), as amended, provides:
A lawyer who receives a document or electronically stored information relating to the representation of the lawyer’s client and knows or reasonably should know that the document or electronically stored information was inadvertently sent shall promptly notify the sender.
While Model Rule 4.4(b) requires the receiving lawyer to notify the sender of the inadvertent transmission promptly, it “does not require the receiving lawyer either to refrain from examining the materials or to abide by the instructions of the sending lawyer.”
Comment 2 to Model Rule 4.4 confirmed the applicability of this rule to metadata, and provides, in part:
Metadata in electronic documents creates an obligation under this Rule only if the receiving lawyer knows or reasonably should know that the metadata was inadvertently sent to the receiving lawyer.
Subsequent Ethics Opinions Further Changed Focus to the Duty of the Sending Party
In December 2004, New York likewise changed focus to the duty of a lawyer to take reasonable precautions against disclosure of client confidences, concluding in Opinion 782 that a lawyer must “use reasonable care when transmitting documents by e-mail to prevent the disclosure of metadata containing client confidences or secrets.”
In October 2005, ABA Formal Opinion 05-437 formally withdrew Opinion 92-968 to the extent it conflicted with amended Model Rule 4.4, which “only obligates the receiving lawyer to notify the sender of the inadvertent transmission promptly. The rule does not require the receiving lawyer either to refrain from examining the materials or to abide by the instructions of the sending lawyer.” The Opinion goes on to emphasize Comment 3 to Rule 4.4: “Where a lawyer is not required by applicable law to do so, the decision to voluntarily return such a document is a matter of professional judgment ordinarily reserved to the lawyer.”
In August 2006, ABA Formal Opinion 06-442 concluded that the Model Rules do not contain any specific prohibition against a lawyer’s review or use of embedded information in electronic documents, whether received from opposing counsel, an adverse party, or an agent of an adverse party. However, the Opinion stated that a lawyer concerned about a document that contains, or might contain, metadata may be able to limit the likelihood of its transmission by “scrubbing” metadata from documents or by sending a different version of the document without the embedded information.
Subsequently, in September 2006, Florida issued its own ethics opinion, Opinion 06-2, which concluded that lawyers have a duty on both the sending and receiving ends of metadata.
Where We Go from Here: Duty of Technological Competence
In the decade since the lawyer’s duty of technological competence was expressly included in the comments to Model Rule 1.1, technology has grown even more pervasive in the practice of law. Almost every lawyer uses email as a primary method of communication, and many are never far from a smartphone or tablet. E-discovery has expanded dramatically and subpoenas for information on social media platforms and text messages are becoming more commonplace. The pandemic accelerated lawyers’ abilities to use technology to conduct remote mediations, depositions, arbitrations, court hearings, and trials, which all remain viable alternatives post-pandemic. Thus, the duty of technological competence continues to be interpreted as time passes and new advances in technology become standard in the law and its practice.
Comment 5 to Model Rule 1.1 notes the standard of competent practitioners and provides, in part: “Competent handling of a particular matter includes inquiry into and analysis of the factual and legal elements of the problem, and use of methods and procedures meeting the standards of competent practitioners.”
The ABA Commission on Ethics 20/20 Report, which recommended revising Model Rule 1.1 to include an express reference to technology, explained the fluid notion of technological competence:
Because of the sometimes bewildering pace of technological change, the Commission believes that it is important to make explicit that a lawyer’s duty of competence, which requires the lawyer to stay abreast of changes in the law and its practice, includes understanding relevant technology’s benefits and risks.
The report further explained the changes in Model Rule 1.6 regarding handling confidential information:
Because new modes of communication create challenges as lawyers try to fulfill their obligation to protect client confidences, a new paragraph (c) in Model Rule 1.6 (Confidentiality of Information), as well as new language in Comment [16], would make clear that a lawyer has an ethical duty to take reasonable measures to protect a client’s confidential information from inadvertent disclosure, unauthorized disclosure, and unauthorized access, regardless of the medium used.
Model Rule 1.6(c) also provides: “A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.”
Comment 18 to Model Rule 1.6 was also amended, making it clear that additional methods of security should be considered depending upon the sensitivity of the information that is to be transmitted:
Paragraph (c) requires a lawyer to act competently to safeguard information relating to the representation of a client against unauthorized access by third parties and against inadvertent or unauthorized disclosure by the lawyer or other persons who are participating in the representation of the client or who are subject to the lawyer’s supervision. See Rules 1.1, 5.1 and 5.3. The unauthorized access to, or the inadvertent or unauthorized disclosure of, information relating to the representation of a client does not constitute a violation of paragraph (c) if the lawyer has made reasonable efforts to prevent the access or disclosure.
In August 2011, before technological competence was expressly included in Model Rule 1.1, ABA Formal Opinion 11-459 concluded that Model Rule 1.1, along with Model Rule 1.6 regarding protecting client information, required that a lawyer “warn the client about the risk of sending or receiving electronic communications using a computer or other device, or e-mail account, where there is a significant risk that a third party may gain access.” The example provided is “when the lawyer knows or reasonably should know that the client is likely to send or receive substantive client-lawyer communications via e-mail or other electronic means, using a business device or system under circumstances where there is a significant risk that the communications will be read by the employer or another third party.”
Interpreting the Duty of Technological Competence
In December 2014, a Delaware court interpreted the duty of technological competence and agreed that:
[D]eliberate ignorance of technology is inexcusable. . . . [I]f a lawyer cannot master the technology suitable for that lawyer’s practice, the lawyer should either hire tech-savvy lawyers tasked with responsibility to keep current, or hire an outside technology consultant who understands the practice of law and associated ethical constraints.
In March 2016, the Oklahoma Supreme Court disciplined a senior lawyer for failing to meet the bankruptcy court’s e-filing requirements even though there was nothing substantively wrong with his work.
In November 2016, the District of Columbia Bar Ethics Committee issued Opinion 371, in which it agreed with Comment 8 of Model Rule 1.1:
We agree with ABA Comment [8] to Model Rule 1.1 that to be competent “a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” Although the District’s Comments to Rule 1.1 do not specifically reference technology, competent representation always requires the legal knowledge, skill, thoroughness, and preparation reasonably necessary to carry out the representation. Because of society’s embrace of technology, a lawyer’s ignorance or disregard of it, including social media, presents a risk of ethical misconduct.
The District of Columbia Opinion went further to address competence in the context of social media:
Postings with privacy settings on client social media are subject to formal discovery and subpoenas. To provide competent advice, a lawyer should understand that privacy settings do not create any expectation of confidentiality to establish privilege or work-product protection against discovery and subpoenas.
In May 2017, ABA Formal Opinion 477R addressed a lawyer’s ethical obligation to protect confidential client information when transmitting information relating to the representation over the internet in light of advances in technology and ever-increasing cybersecurity threats, and provided guidance as to when enhanced security measures are appropriate. The Opinion concluded that:
A lawyer generally may transmit information relating to the representation of a client over the internet without violating the Model Rules of Professional Conduct where the lawyer has undertaken reasonable efforts to prevent inadvertent or unauthorized access. However, a lawyer may be required to take special security precautions to protect against the inadvertent or unauthorized disclosure of client information when required by an agreement with the client or by law, or when the nature of the information requires a higher degree of security.
In October 2018, ABA Formal Opinion 483 addressed the lawyer’s duty after an electronic data breach:
When a breach of protected client information is either suspected or detected, Rule 1.1 requires that the lawyer act reasonably and promptly to stop the breach and mitigate damage resulting from the breach. How a lawyer does so in any particular circumstance is beyond the scope of this opinion. As a matter of preparation and best practices, however, lawyers should consider proactively developing an incident response plan with specific plans and procedures for responding to a data breach. The decision whether to adopt a plan, the content of any plan, and actions taken to train and prepare for implementation of the plan, should be made before a lawyer is swept up in an actual breach.
Another evolving area in which lawyers increasingly find a need to become and remain competent involves cryptocurrency. In September 2022, the California Standing Committee on Professional Responsibility and Conduct started considering whether a lawyer can accept cryptocurrency as payment or hold cryptocurrency in trust. Certain other aspects of accepting payment of cryptocurrency require a lawyer to understand the technology associated with it:
If a lawyer accepts cryptocurrency as payment for fees, regardless of the nature of the fee in question, the lawyer must have the competence required under Rule 1.1 to understand the risks associated with the technology and ensure that he or she has methods to properly account for, maintain and safeguard the client’s property. This requires the lawyer to understand the mechanics of transacting in cryptocurrency and the associated risks, including lack of regulation, volatility, cyber threats and vulnerabilities, key management, and insurability against loss so these issues can be explained to the client so the client can make an informed decision regarding use of cryptocurrency as a form of payment. As with any property, the lawyer must use reasonable care to minimize the risk of loss and the allocation of risk between the lawyer and client must be understood and agreed to.
This is one example of an area in which the lawyer’s duty of technological competence continues to evolve and of which lawyers are required to keep abreast.
What Does Technological Competence Include and How Does One Maintain It?
The ethical duty to stay abreast of technological advancements is now required in most states, and lawyers must maintain the requisite level of competence to practice law. As such, lawyers are now required to be familiar with not only substantive changes in their practice but also the relevant technology that could impact that practice. To meet this requirement, technology training may be necessary for some, if not all, practicing attorneys.
This need for technology training is well-recognized in the legal profession. According to the 2021 ABA Legal Technology Survey Report, 68 percent of respondents agreed that lawyers must stay current with the benefits and risks of technology in order to maintain competency under the rules of professional conduct. Law firms have also taken a proactive approach towards technology, as 65 percent of firms consider budgeting and planning for technology to be essential.
Today, 40 states have adopted a statement or comment on technological competence for inclusion in the lawyer’s duty to provide competent representation. While many jurisdictions have adopted Comment 8 to Model Rule 1.1 verbatim, several states have taken additional measures to ensure that practicing attorneys are continuing to educate themselves about the risk and use of technology.
Continuing Legal-Technology Education Requirements
Florida has paved the way in the area of legal-technology education and training. In 2016, Florida modified the comments to Rule 4-1.1 of the Florida Rules of Professional Conduct:
To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, engage in continuing study and education, including an understanding of the benefits and risks associated with the use of technology, and comply with all continuing legal education requirements to which the lawyer is subject.
The Florida Supreme Court also directly changed Rule 6-10.3 for minimum continuing legal education (CLE) requirements to require 33 hours of continuing education over each three-year cycle with three hours specifically dedicated to approved technology programs.
Competent representation requires safeguarding confidential information related to a lawyer’s representation, including electronic transmissions and communications. The new Florida rules require the three hours of continuing technology education so the lawyer can obtain “an understanding of the risks and benefits associated with the use of technology” and receive sufficient information so the lawyer can elect to “meet this obligation through a lawyer’s association with, or retention of, a non-lawyer advisor with established technological competence in the relevant field.” While Florida was the first state to require technology continuing education for lawyers, it was not the first state to require technology competence.
Effective in 2019, North Carolina became the second state to require all licensed attorneys to complete CLE hours devoted to technology training; this hour is part of North Carolina’s annual 12-hour requirement. North Carolina’s Governing Rules of the State Bar define technology training as “a program, or a segment of a program, devoted to education on information technology (IT) or cybersecurity.” The Rules further acknowledge that the primary objective of technology training is to enhance a lawyer’s proficiency or improve law office management.
Most recently, New York joined the list of states requiring technology education and training for attorneys. In June 2022, the Judicial Departments of the Appellate Division of the New York State Supreme Court formally added technology training to the state’s CLE requirements. In fact, New York has taken a focused approach towards its technology training, as the new requirement mandates that practicing attorneys complete at least one credit hour of training in cybersecurity, privacy, and data protection every two years. This narrowly tailored technology training program comes in response to increasing concerns surrounding the disclosure of confidential information, which trace back to 2020 when the New York State Bar Association’s Committee on Technology and the Legal Profession first proposed to implement a one-credit CLE requirement in cybersecurity protection (as opposed to a general credit in technology training). The proposal was presented with the intent of focusing on “what the Committee believes to be one of the most pressing and urgent issues facing our legal profession: cybersecurity protection of confidential and proprietary client and law firm electronic information and assets.”
While only three states currently require licensed attorneys to obtain CLE credits in technology training, other states are likely to follow suit. For example, Maine has incorporated an aspirational goal of maintaining technological competence through CLEs: “The purpose of minimum continuing legal education (MCLE) requirements is to promote and sustain competence and professionalism and to ensure that attorneys remain current on the law, law practice management, and technology in our rapidly changing society.”
In 2015, the California State Bar Association released an ethics opinion that expressly acknowledged a lawyer’s duty to be competent in technology. The opinion requires attorneys who represent clients in litigation either to be competent in e-discovery or to associate with others who are competent. The opinion expressly cites the ABA’s Comment 8 to Model Rule 1.1 and states: “Maintaining learning and skill consistent with an attorney’s duty of competence includes keeping ‘abreast of changes in the law and its practice, including the benefits and risks associated with technology.’” In February 2021, California became the 39th state to adopt a general duty of technology competence when it added Comment 1 to Rule 1.1 of the California Rules of Professional Conduct, which mirrors the language of Model Rule 1.1.
Similarly, at the request of the U.S. Virgin Islands Bar Association, the Supreme Court of the Virgin Islands amended its mandatory CLE requirements in 2019 to require two credit hours per reporting cycle in technology programming. The Virgin Islands’ rules specifically note that technology programming, defined as “CLE programming designed for lawyers that provides education on safe and effective ways to use technology in one’s law practice,” assists lawyers in complying with the Virgin Islands Rules of Professional Conduct, which require lawyers to possess the knowledge and skills necessary for competent representation.
Cautionary Case Law
Technology issues impact all practitioners in a wide area of practices and can result in bar discipline if not taken seriously. The following cases demonstrate the technological issues facing lawyers and potential consequences for failing to deal with them appropriately.
Electronic Communication Is the New Normal
By order dated October 17, 2011, South Carolina’s Supreme Court required all lawyers admitted to practice law in South Carolina to log on, verify, and update their contact information on the Attorney Information System (AIS) by November 18, 2011. The order specified attorneys “shall ensure that his or her contact information in the AIS includes a mailing address, an e-mail address, and a telephone or cell phone number, and that this information is current and accurate.” In the case of In re Collie, the attorney refused to provide an email address and claimed she was not required to do so because she was “retired.” The South Carolina Supreme Court noted that “[a]lthough respondent may consider herself retired from the practice of law since she has not represented clients in many years, she is nevertheless classified as a regular member of the South Carolina Bar and . . . required to provide a valid email address. Even if she were eligible to elect to be a retired member of the Bar, she would still be required to maintain an email address.” The court suspended the attorney’s license to practice law, noting that the attorney had “repeatedly refused to comply with the explicit directives, orders, and rules of this Court and of requests by the Clerk of Court by refusing to maintain and monitor an operational email account.”
In re Collie teaches that an email address is now considered a basic requirement for law practice, just as having a telephone number and, later, a fax number were previous requirements. Email is the preferred method of communication in most commercial and professional settings and all lawyers must be able to communicate in this manner.
Preservation of Electronic Evidence
A lawyer’s duty to instruct his or her client about preserving electronic evidence was the subject of the Massachusetts Board of Bar Overseers’ order in Kenneth Paul Reisman. Reisman was a complicated case involving an employee who, without permission, transferred files from his former employer’s laptop to his new employer’s laptop. The former employer sued the employee. Unbeknownst to the former employee’s counsel, the former employee used a scrubbing program to delete files from the new laptop. The former employer’s attorney sent counsel for the former employee a litigation hold letter asking for preservation of all documents relating to the case, but the former employee’s counsel took no action and did not advise the former employee to maintain the files on the laptop.
The court entered an order allowing a forensic examination of the new laptop. The former employee advised counsel that there were files unrelated to the litigation that should not be disclosed. Counsel, without inquiring further as to the specific nature or content of these documents, advised the former employee that he could scrub such confidential information from his laptop.
The Board of Bar Overseers noted that due to a lack of experience in electronic discovery, counsel for the former employee failed to appreciate that the court’s order required the entire hard drive to be preserved for the expert. Counsel’s advice to the former employee that he should scrub “unrelated” files without (i) conferring with experienced counsel or conducting research as to his client’s legal obligations and (ii) any attempt to confirm that the materials to be deleted were as represented was determined to be conduct violating Massachusetts Rule of Professional Conduct 1.1. The former employee’s counsel was publicly reprimanded for this conduct.
Lawyer’s Duty to Investigate Information Obtained from the Internet
While representing a client in a criminal case in 2011, counsel, a 30-year practitioner, was presented with documents purporting to evince that his client was the beneficiary of a large bequest from his long-lost cousin in Nigeria. The client represented that upon payment of $177,660 in taxes owed on the inheritance in Nigeria, the sum of $18,800,000 would be released to him. He asked counsel to represent him in securing the transfer of the funds from Nigeria. Counsel agreed to do so in consideration for a fee equal to 10 percent of the funds recovered. Counsel then engaged in conduct that included borrowing money from other clients and communicating with persons he believed were representatives of the “Central Bank of Nigeria,” the “African Union,” the “President of Nigeria,” a purported Nigerian lawyer who had witnessed the decedent’s will, and a person claiming to be an English lawyer who had traveled to Nigeria and investigated the legitimacy of the inheritance. Based on this conduct, the Iowa Supreme Court Attorney Disciplinary Board filed a complaint against the attorney for violation of numerous ethical rules.
In its evaluation and report, the Board withdrew the allegation against counsel that he engaged in illegal or fraudulent conduct by noting that counsel “honestly believed—and continues to believe—that one day a trunk full of . . . one hundred dollar bills is going to appear upon his office doorstep,” and although such conduct might aptly be described as delusional, it was not fraudulent. The Board’s evidence established that a cursory internet search “would have revealed evidence that counsel’s dream of a Nigerian inheritance was probably based on a scam.” The Board considered counsel’s failure to verify the scam, his failure to verify the identity of the people with whom he spoke, and his conflict of interest with his clients in obtaining the loans and ultimately suspended him for 12 months.
While this attorney seemed gullible, this case highlights the need to investigate and verify information found on the internet. Such independent verification would include not relying on client-provided contacts and phone numbers as well as general skepticism of anything that sounds too good to be true.
Lawyer’s Duty to Identify and Verify Electronic Documents Admitted into Evidence
State v. Ratliff was a criminal case from North Dakota involving surveillance video. The parties’ counsel viewed the tape pretrial and were aware it contained audio but did not make the court aware of this. The video was admitted into evidence without limitation during the trial and was shown to the jury without sound. During deliberations, the jury requested to review the surveillance video and was provided a DVD player and television to watch the video; ultimately, the jury heard the audio that was not provided at trial. The defense did not object or move for a mistrial but agreed with the court’s suggestion to poll the jurors. The conviction was affirmed without addressing any technological issues for counsel.
In the concurring opinion, Justice Crothers noted many potential issues with electronic evidence as raised by the facts:
Given our holding in the present case, lawyers and judges increasingly must be vigilant about identifying and knowing precisely what “evidence” is being admitted. . . . When another form of electronic information is introduced—say an electronic document—questions may arise whether they contain metadata. If so, is metadata being admitted along with the information on the face of the document? Knowing the answer will be important to lawyers, who must “provide competent representation to a client.”
Justice Crothers noted that knowing and understanding the evidence before the court would be important to judges, but given that judges could not conduct independent investigations, the burden would fall on counsel to understand and communicate these issues. Justice Crothers concluded that there were a great number of potential questions, and he sampled a few to “alert the bench and bar of concern as the nature of adjudicative evidence shifts from one-dimensional paper to multi-dimensional electronic documents.”
Local Counsel Obligations for Pro Hac Vice Counsel’s Technological Competence
James v. National Financial LLC involved a discovery dispute related to data contained in different spreadsheets. The court sanctioned the party for the discovery conduct, and also sanctioned counsel, including counsel admitted pro hac vice and local Delaware counsel.
Lead counsel, appearing pro hac vice, stated to the court: “I have to confess to this Court, I am not computer literate. I have not found presence in the cybernetic revolution. I need a secretary to help me turn on the computer. This was out of my bailiwick.” The court showed no sympathy and, relying on Delaware’s adoption of Model Rule 1.1’s comment 8, stated that “[p]rofessed technological incompetence is not an excuse for discovery misconduct.” The trial court noted further that Pennsylvania, where the sanctioned attorney was licensed, had a parallel requirement.
The court then addressed local Delaware counsel. The court noted that the “rules make clear that the Delaware lawyer who appears in an action always remains responsible to the Court for the case” and “Delaware lawyers are ultimately responsible for the documents they file with the Court and serve on the [opposing party].” The court concluded by stating: “Delaware counsel are expected to police the behavior of their out-of-state colleagues and ensure that out-of-state counsel understand the standards expected by Delaware courts.” The court did not distinguish the technology competency requirements from any other requirements under the rules governing attorney conduct.
It is common for construction attorneys to be admitted pro hac vice in other jurisdictions and to serve as local counsel for out-of-state attorneys. Local counsel should discuss the pro hac vice lawyer’s technology competence before agreeing to act as local counsel. If, as in this case, the out-of-state counsel professes not to be computer literate, local counsel should suggest hiring another lawyer or consultant to handle the technology requirements or consider declining the assignment.
Lawyer’s Duty to Understand and Comply with Court E-Filing Requirements
In State ex rel. Oklahoma Bar Association v. Oliver, an attorney’s lack of computer skills and frustration with following federal court electronic pleading requirements led to his suspension from the U.S. Bankruptcy Court for the Western District of Oklahoma. However, the attorney failed to report this suspension to the Oklahoma Supreme Court, where he was licensed. The attorney had been admitted to the Oklahoma Bar in 1967, practiced in bankruptcy courts almost 30 years, and had never had any prior complaints or disciplinary actions. No testimony or documents showed an insufficiency in the attorney’s knowledge of substantive bankruptcy law. The trial court reported that the attorney’s problem was technological proficiency. These problems led to an initial suspension by the bankruptcy court for 30 days, then 60 days, and finally permanently. Although the technological failures did not disqualify him from practicing law in the courts of Oklahoma, the failure to report his suspensions to the Oklahoma Bar and timely notify his bankruptcy clients of those suspensions warranted public censure. The court concluded with a note encouraging the attorney “to continue to improve his computer skills, or better, to hire an adept administrative assistant to do his pleadings.”
If a lawyer lacks computer skills, he or she must engage competent staff to assist with these tasks while the lawyer obtains some level of competence. However, as noted in the ABA Model Rules, the attorney must make reasonable efforts to ensure subordinate attorneys’ and staff’s conduct also comply with the attorney’s professional obligations.
Lawyer’s Duty to Have Adequate Systems in Place to Monitor Electronic Court Filings and Dockets
In Emerald Coast Utilities Authority v. Bear Marcus Pointe, LLC, the trial court had electronically issued an award of attorney fees. Counsel for Emerald Coast Utilities Authority (ECUA) never received the order and filed a motion to set aside the award due to excusable neglect. At the trial court level, counsel for ECUA argued that relief from the attorney fees order was appropriate because he did not receive the order in time to file a timely appeal. The opposing party responded that ECUA was not entitled to relief because ECUA’s ability to file a timely appeal was not hindered by any action attributable to the trial court or the clerk, but attributable to the actions of ECUA’s counsel.
Ultimately, both the trial and appellate courts found against ECUA and its counsel. The issue both courts focused on revolved around the decisions made by ECUA’s counsel regarding his firm’s email spam filter and counsel’s failure to monitor the online docket. The firm’s IT consultant advised ECUA’s counsel that the spam filter was unreliable and that it was better practice to hire a third party to handle spam filtering on a full-time basis. This was rejected by ECUA’s counsel due to cost concerns.
Multiple technological consultants, including ECUA’s counsel’s IT consultant, reviewed the transaction logs from the clerk’s server to the firm’s server and concluded that the order assessing attorney fees was properly delivered and that it was possible that the server deleted the email as spam. One technological consultant testified that counsel’s email filtering system was set to drop and delete emails identified as spam and that this was inadvisable in any business setting because it resulted in data loss.
The appellate court concluded that, based on the evidence presented, “the trial court could conclude that [ECUA’s counsel] made a conscious decision to use a defective email system without any safeguards or oversight in order to save money. Such a decision cannot constitute excusable neglect.” The court found a lawyer’s failure to meet a case deadline was not excusable neglect where the spam filters on the law firm’s email deleted an order sent by the court assessing fees and the lawyer failed to check the online docket. The court stated that counsel had a duty to have sufficient procedures and protocols in place, which included adequate spam filter safeguards and independent monitoring of the court’s electronic docket. The court further noted that where rendition of an appealable order was delayed for a significant period of time, this duty might also include the filing of a joint motion for a case management conference to ensure that the order has not slipped through the cracks.
Another cautionary tale in the era of e-filing is Rollins v. Home Depot USA. In Rollins, Rollins sued his employer for personal injury. The employer filed a motion for summary judgment on the eve of the parties’ agreed deadline for dispositive motions. Rollins’s counsel never saw the electronic notification of that motion or the motion itself because counsel’s computer email system placed that notification in a folder not regularly monitored. Similar to the Emerald Coast Utilities case, the lawyer in Rollins also failed to check the court’s online docket. As a result, Rollins did not file an opposition to the summary judgment motion, leading the district court to enter judgment against Rollins. On appeal to the Fifth Circuit, Rollins contended that the district court abused its discretion in denying his Rule 59(e) motion, as the only reason his counsel did not know about Home Depot’s motion for summary judgment was due to a glitch in his email system.
The Fifth Circuit stated that it did not question the good faith of Rollins’s counsel, but that it was not “manifest error to deny relief when failure to file was within [Rollins’s] counsel’s ‘reasonable control.’” The Fifth Circuit noted that notice of Home Depot’s motion for summary judgment was sent to the email address that Rollins’s counsel provided, that under Federal Rule 5(b)(2)(E) service was complete upon filing or sending, and that the rule had been satisfied. “Rollins’s counsel was plainly in the best position to ensure that his own email was working properly—certainly more so than either the district court or Home Depot. Moreover, Rollins’s counsel could have checked the docket after the agreed deadline for dispositive motions had already passed.” The Fifth Circuit found that the district court did not abuse its discretion in denying relief under Rule 59(e).
Lawyer’s Duty to Understand ESI Discovery
In City of Rockford v. Mallinckrodt ARD, Inc., a complex case involving a manufacturer of prescription medication and alleging breach of contract, racketeering, and violation of various antitrust statutes, counsel had reached extensive agreements about search terms and random sampling of documents and other electronically stored information (ESI) production protocols. Despite their cooperation, however, counsel was unable to reach an agreement as to how they should proceed with discovery following initial document production. While defendants proposed that the parties simply meet and confer upon the requesting party’s reasonable belief that certain categories of requested documents were not included in the production, plaintiff’s proposal was far more technical, presenting the court with issues of “null set” searches and “elusion.”
It is important to see what plaintiff proposed:
The producing party agrees to quality check the data that does not hit on any terms (the Null Set) by selecting a statistically random sample of documents from the Null Set. The size of the statistically random sample shall be calculated using a confidence level of 95% and a margin of error of 2%. If responsive documents are found during the Null Set review, the producing party agrees to produce the responsive documents separate and apart from the regular production. The parties will then meet and confer to determine if any additional terms, or modifications to existing terms, are needed to ensure substantive, responsive documents are not missed.
To the average practitioner all of this may be technical “mumbo-jumbo”; however, the Model Rule changes make ignoring matters such as the “null set” or “elusion” difficult, if not impossible, for competent counsel.
The magistrate judge, understanding that readers of the opinion may be panicked, stated:
The Court pauses here for a moment to calm down litigators less familiar with ESI. (You know who you are.) In life, there are many things to be scared of, including, but not limited to, spiders, sharks, and clowns—definitely clowns, even Fizbo. ESI is not something to be scared of. The same is true for all the terms and jargon related to ESI. Discovery of ESI is still discovery, governed by the same Federal Rules of Civil Procedure as all other civil discovery. . . . So don’t freak out. Having said that, the ethical rules now require attorneys to be competent with technologies such as ESI. ABA Model Rule 1.1, Comment 8 (“To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology…”).
Attorneys with reservations about ESI can ease those concerns by following a few simple rules: Work to stay abreast of changes to the pertinent technology, undertake appropriate continuing education, and engage with others who have appropriate technological knowledge and skills.
Compelled Technology Training
While most states do not require continuing education related to technology, attorneys should be aware that state bar disciplinary boards may order mandatory technology training, in addition to sanctions, for failure to demonstrate technological competence.
For example, in Disciplinary Counsel v. Valenti, an Ohio attorney was charged with failing to competently and diligently represent clients in three separate matters. Specifically, the sanctioned attorney failed to submit timely filings and inform the court of scheduling conflicts on multiple occasions. The disciplinary board concluded that counsel’s pattern of misconduct surrounding case management was evidence of insufficient technological competence and imposed a six-month suspension. In addition to the suspension, the board ordered counsel to complete six hours of continuing legal education in law-office management and law-office technology.
Practical Considerations for the Technologically Driven Practice of Law
Ethics opinions from jurisdictions across the country shed light on lawyers’ ethical obligations to stay abreast of technology. These opinions cover a broad range of technology-related issues that present themselves to lawyers daily, such as cloud computing, email, social media, and even digital currencies. These opinions are insightful as to how lawyers may best handle analogous technology issues going forward.
Working Remotely
In a pandemic-driven ethics opinion, the Pennsylvania Bar Association provided practicing attorneys with guidance regarding the ethical implications of working remotely. The ethics opinion focused on a lawyer’s duty to provide competent representation through the obligation to understand the risks and benefits of technology pursuant to Comment 8 to Rule 1.1 of the Pennsylvania Rules of Professional Conduct: “Consistent with this Rule, attorneys must evaluate, obtain, and utilize the technology necessary to assure that their communications remain confidential.”
The opinion also focused on the correlation between understanding the risks and benefits of technology and the obligation to safeguard client information. The Pennsylvania Bar noted some of the many obstacles to maintaining client confidentially, especially when working in a remote environment: “For example, smart devices such as Amazon’s Alexa and Google’s voice assistants may listen to conversations and record them.” Similarly, “when communicating using electronic mail, text messages, and other methods for transmitting confidential and sensitive data, attorneys must take reasonable precautions, which may include the use of encryption, to assure that unauthorized persons cannot intercept and read these communications.”
The opinion concluded its guidance by reminding attorneys of the many ways to enhance online security, including avoiding unsecure public internet hotspots, using virtual private networks (VPNs), using multifactor authentication systems, and using strong passwords.
Virtual Practice
The ABA Model Rules of Professional Conduct, which have formed the blueprint for maintaining technology competence, permit the virtual practice of law. In ABA Formal Opinion 498, the ABA emphasized the importance of considering ethical duties regarding competence, diligence, and communication when using technology to practice virtually. “As lawyers increasingly use technology to practice virtually, they must remain cognizant of their ethical responsibilities.”
Formal Opinion 498 not only addresses an attorney’s core ethical duties surrounding changes in technology and the practice of law, but also focuses on the ethical obligations of supervisory lawyers to establish policies and procedures to ensure ethical compliance by subordinate lawyers and nonlawyer assistants. “Practicing virtually does not change or diminish this obligation.” Further, this duty to supervise nonlawyers extends to those both physically within and outside of a law firm building. The duty to practice law virtually with the same professionalism as in-person practice is becoming increasingly important as courts across the country are utilizing the convenience and efficiency of virtual proceedings implemented during the pandemic. For example, the Florida Supreme Court recently voted, unanimously, to amend its rules of procedure and adopt permanent authorization for remote court proceedings. The new rules, which took effect October 1, 2022, permit remote proceedings for matters such as depositions, nonevidentiary hearings, jury trials, and mediation conferences. As Florida demonstrates, virtual practice is here to stay and will likely continue to play a greater role in the practice of law.
However, virtual practice and technology do have their limits. As the ABA has noted, lawyers practicing virtually must ensure that trust accounting rules, which vary significantly across states and often require brick-and-mortar capabilities, are followed. Litigators must be able to file and receive pleadings at a physical address. Further, attendance at remote hearings should still comport with the appropriate level of decorum for the serious matters before the court.
Artificial Intelligence
The term “artificial intelligence” (AI) can be defined in several different ways and can denote multiple kinds of systems and processes. The National Science and Technology Council’s somewhat tautological definition illustrates the difficulty of defining AI with specificity: “a computerized system that exhibits behavior that is commonly thought of as requiring intelligence.” Drs. Stuart Russell and Peter Norvig, authors of the textbook Artificial Intelligence: A Modern Approach, offer a more precise definition: “the designing and building of intelligent agents that receive percepts from the environment and take actions that affect that environment.”
In its May 21, 2019, Recommendation of the Council on Artificial Intelligence, the Organisation for Economic Co-Operation and Development defined an AI system as “a machine-based system that can, for a given set of human-defined objectives, make predictions, recommendations, or decisions influencing real or virtual environments.” AI systems operate with varying levels of autonomy, but the human operators of a particular system typically ensure that the life cycle of a system involves four phases: (a) design, data, and models; (b) verification and validation; (c) deployment; and (d) operation and monitoring. The operators of the system must also implement “AI knowledge,” defined as “the skills and resources, such as data, code, algorithms, models, research, know-how, training programs, governance, processes and best practices, required to understand and participate in the AI system lifecycle.”
As in society at large, AI has become more and more prevalent in legal work in ways both noticeable and subtle. Many firms and practitioners have found that AI tools can simplify work that has hitherto been seen as drudgery. For example, legal research software can quickly locate citations to, or, better yet, negative treatment of, a given case within a vast array of subsequent cases. Humans need “Shepardize” no more—at least not by resorting to books and pocket parts, and not without a substantial amount of AI assistance. But that is far from the only function AI tools can perform as part of legal research software, let alone as part of a legal ecosystem as a whole. For several years, AI tools have been assisting in performing, and evolving and improving in their ability to perform, numerous services: natural language legal research; contract drafting and review; e-discovery; litigation outcome forecasting and predictive analytics; brief preparation, including analysis of the litigation record on appeal, providing citations to portions of the record best supporting an argument, and review of opponent’s brief; and human resource functions, including review of application materials and selection of applicants.
Once lawyers choose to implement an AI tool in their practice, can they simply fire it up and go? Or should they first consider the ethical implications of the implementation? Such implications can be wide-ranging; in 40 U.S. jurisdictions, the lawyer must begin by observing a requirement to stay attuned to the benefits and risks of new technologies as they develop (see Model Rule 1.1, Comment 8), suggesting that the implementation of a tool must be accompanied by a readiness to learn about modifications, updates, or bugs that would alter the tool’s effectiveness. The ongoing nature of the lawyer’s ethical duties is also underscored by Model Rule 5.3, which requires lawyers to supervise the “nonlawyer assistance” they receive from either vendors or employees who assist in implementing the AI tool—or, crucially, from the AI tool itself.
Model Rule 5.3 Generally
Model Rule 5.3 itself does not, of course, refer to AI or how a lawyer could be expected to supervise it. Nor does it impose a clearly envisioned requirement of exactly what a lawyer must do as a “supervisor” of “assistance.” The Rule states:
With respect to a nonlawyer employed or retained by or associated with a lawyer:
(a) a partner, and a lawyer who individually or together with other lawyers possesses comparable managerial authority in a law firm shall make reasonable efforts to ensure that the firm has in effect measures giving reasonable assurance that the person’s conduct is compatible with the professional obligations of the lawyer;
(b) a lawyer having direct supervisory authority over the nonlawyer shall make reasonable efforts to ensure that the person’s conduct is compatible with the professional obligations of the lawyer; and
(c) a lawyer shall be responsible for conduct of such a person that would be a violation of the Rules of Professional Conduct if engaged in by a lawyer if:
(1) the lawyer orders or, with the knowledge of the specific conduct, ratifies the conduct involved; or
(2) the lawyer is a partner or has comparable managerial authority in the law firm in which the person is employed, or has direct supervisory authority over the person, and knows of the conduct at a time when its consequences can be avoided or mitigated but fails to take reasonable remedial action.
The title of the Model Rule was changed in 2002 to reflect that lawyers were required not only to supervise “nonlawyer assistants” but rather “nonlawyer assistance,” broadening the definition of the supervised to include not just individuals or groups of people, but systems by which lawyers receive work that assists them. Yet the text of the Model Rule itself does not keep pace with that change; subsection 5.3(a) sets the tone by referring to the “nonlawyer” who is “employed or retained by or associated with” the lawyer as a “person.” This definition conjures the image of an individual human being whom the lawyer has hired, or with whom the lawyer has contracted, directly or indirectly. Whether AI tools have now attained, or can ever attain, personhood is a philosophical debate best suited for other fora. But the language of the Model Rule (apart from its title) seems to reveal that its drafters did not envision software, computers, or AI tools as “persons,” or the Model Rule as requiring a lawyer to supervise a neural network, an algorithm, or a machine that learns.
Yet the Model Rule must require just that. Even if society at large cannot conceive of AI tools as having achieved personhood (or as capable of achieving it in the future), lawyers who seek to implement such tools must consider them to be as much a part of the “assistance” they receive in their practices as a human paralegal or administrative professional. The work entrusted to AI tools is simply too important to consider any other interpretation of Model Rule 5.3. For example, as screeners of datasets, AI tools have access to vast amounts of information, and they must be trusted to organize and interpret data accurately, without omissions and while eliminating as much bias as possible. In short, lawyers must be able to confer some degree of “cognitive authority” on an AI tool. Model Rule 5.3 would not expect or require a lawyer to write the code for the tool’s algorithm in order to achieve that result, but it would expect and require the lawyer to ensure that there are systems in place that ensure the algorithm’s accuracy.
That duty, in turn, could be defined as a duty to supervise other people, rather than the technology itself—namely, the vendor (and its staff) supplying the AI tool, or the lawyer’s employees who are responsible for dealing with that vendor. But that framing could allow the lawyer to stop short of full compliance with the Model Rule. It could allow the lawyer to fall victim to what Dr. Lance B. Eliot refers to as “AI Ethics Washing”: “giving lip service or window dressing to claimed . . . concerns about AI Ethics precepts, including at times not only failing to . . . abide by Ethical AI approaches but even subvert[ing] or undercut[ting] AI Ethics approaches.” A lawyer could be sold on the use of an AI tool with assurances that the tool would be accurate, bias-free, and secure, but how reliable are those assurances? A lawyer accepting them at face value would be, at minimum, assuming some level of ethical risk. The vaguer the assurance, or the more careless the lawyer in implementing the tool, the greater the risk—and the further the lawyer has strayed from measures that give reasonable assurance of the tool’s compatibility with their professional obligations.
Model Rule 5.3 does not require perfection, or frictionless use of “nonlawyer assistance.” Accordingly, it is unlikely that Model Rule 5.3 could require full transparency into the workings of an AI tool—if only because such transparency may not exist. Because an AI tool can “generate[ ] its own algorithm based on example data and a desired output,” it is not always possible—even for humans who create and operate AI tools—to know exactly how the tool programs itself. When even experts in the technology find a tool unpredictable or less than fully transparent, nonexperts (like most lawyers) should be especially wary of neat-sounding assurances of the technology’s abilities. In other words, the “reasonable assurances” that a lawyer should seek to have about an AI tool’s functionality should involve at least some level of acquaintanceship with the way in which the tool works, and the ability to review and update that knowledge on a regular basis.
State Jurisdictions’ Variations on Rule 5.3
Model Rule 5.3 serves as the template for many rules adopted by state jurisdictions across the United States. Many states—like Illinois—have adopted the Model Rule verbatim. Further, disciplinary case law in each state can refine the way in which the rule is applied. For example, in Illinois, violations of Rule 5.3 have been found where an attorney enabled a nonlawyer’s practice of law; shared legal fees with a nonlawyer while enabling them to practice unauthorized; and allowed a nonlawyer employee to manage his client trust account, even though he was on notice that the nonlawyer was handling the account improperly. However, Illinois tribunals have found instances in which a nonlawyer affiliated with a lawyer engaged in improper conduct but declined to subject the lawyer to discipline under Rule 5.3; and they have held that not all alleged failures to supervise a nonlawyer over whom a lawyer has supervisory authority will result in discipline.
The Illinois disciplinary system has not addressed a case in which a lawyer is alleged to have violated Rule 5.3 by virtue of imperfectly or improperly implementing a technological tool or system. Should that occur, the cases cited supra (especially In re Breen) suggest that the degree to which it could be proven that the lawyer knew or should have known of the potential problems created by the tool would likely be a significant factor in determining the lawyer’s culpability.
Other jurisdictions implement concepts that change the rule’s emphases and application, often in ways that can be useful for lawyers seeking to understand their obligations to supervise AI tools. California Rule of Professional Conduct 5.3, for example, requires the lawyer to supervise a nonlawyer “whether or not [they are] an employee of the same law firm.” That outward focus—pushing beyond the boundaries of the lawyer’s own firm—requires the lawyer to conceive of a broader scope of supervision, one that could encompass vendor companies, their staff, and the technology they create or implement.
Alaska Rule of Professional Conduct 5.3 adds three full subparts to the text of the rule, all of which relate to confidentiality—a concept otherwise unaddressed specifically in the Model Rule. Alaska’s rule obligates lawyers to “instruct [a] departing nonlawyer not to disclose confidences and secrets protected by Rule 1.6 that were learned by the nonlawyer”; to screen for conflicts of interest “based on the nonlawyer’s [past] employment by another lawyer”; and to notify any affected party if the nonlawyer does disclose confidential information following their separation from employment. Like the Model Rule, Alaska’s rule specifically addresses requirements relating to human nonlawyers. Nevertheless, the concepts articulated by the rule can be instructive for lawyers (even those outside Alaska) implementing and supervising AI tools. For example, lawyers can take note of the rule’s emphasis on protecting confidentiality upon termination of a relationship with a nonlawyer, and they can consider such concerns when discontinuing the use of a legal technology application or AI tool. They can carefully examine the processes of the discontinued tool with respect to its retention of any data, its post-discontinuance security protocols, and its vendor’s policies concerning the ownership of any data used, analyzed, or generated by the tool.
Arizona’s Ethics Rule 5.3 also adds a great deal of substance to the concepts articulated in the Model Rule by describing in considerable detail what a lawyer’s “reasonable efforts” may include. Like the Alaska analogue, the Arizona rule contains concepts the consideration of which could prove helpful to any lawyer seeking to comply thoroughly with Rule 5.3. It encourages lawyers to consider the material influences that nonlawyers may have on lawyers’ professional judgment; the importance of avoiding conflicts of interest and maintaining confidentiality of client information; and the concept of a lawyer not just as supervisor but as instructor. The Arizona rule also contains such concepts as a means of addressing the state’s abolition of Rule 5.4, resulting in its permission and regulation of many more, and often more complex, professional relationships among lawyers and nonlawyers. This concept is unique to Arizona as of this writing, and it is still a new development in American legal regulation; but the clear, cogent, humane, and thoughtful terms of Arizona’s Ethic Rule 5.3 seem to augur well for the future of regulatory change.
State Jurisdictions: Rule Variations Negatively Impacting AI Supervision
Other state rules seem to put the lawyer seeking to comply with them—with respect to both human assistance and/or AI tools—in comparatively more peril by requiring the lawyer to make judgments using difficult or unknowable criteria. For example, New Jersey’s Rule of Professional Conduct 5.3 subjects a lawyer to discipline for a nonlawyer’s conduct if the lawyer “fail[s] to make reasonable investigation of circumstances that would disclose past instances of conduct by the nonlawyer incompatible with the professional obligations of a lawyer, which evidence a propensity for such conduct.” Viewed in one light, that provision appears to codify the “knew-or-should-have-known” standard articulated by the Hearing Board of the Illinois ARDC in In re Breen—a standard that seems commonsensical if one assumes that the lawyer can draw knowledge of the nonlawyer’s conduct from events in the recent past or in the present. If the lawyer knows that the nonlawyer is engaging or has just engaged in improper conduct, and the lawyer does not rectify the matter or discontinue the assistance, the lawyer could fairly be said to have transgressed Rule 5.3. But what should a lawyer know, or how should a lawyer gain information, about what a nonlawyer’s “propensity” may be? What level of inquiry is reasonable, and how can the rule impose discipline if the lawyer’s best judgment is that bad conduct in the nonlawyer’s past does not reveal a “propensity” for bad conduct in the future?
When analyzing such questions in the context of AI tools, rather than human employees or assistants, the picture becomes murkier. What information will realistically be available to the lawyer that would indicate that the tool—which can teach itself poor or biased methods even if its human operators do their work with the best intentions—would have a “propensity” to work in a way incompatible with the lawyer’s obligations? Sometimes a tool’s failures are publicized, but other times, they cannot be—particularly if the failure came in the context of a legal matter in which the involved lawyer’s Rule 1.6 confidentiality obligations would preclude disclosure. In light of that, and in light of the difficulty of achieving full understanding of AI tools and their processes generally, a lawyer seeking to comply with the New Jersey rule may find it difficult to analyze an AI tool’s “propensities” within the meaning of the rule, creating risk for the lawyer and potentially dissuading them from implementing otherwise useful technology.
New York Rule of Professional Conduct 5.3 gives even less specific guidance:
A law firm shall ensure that the work of nonlawyers who work for the firm is adequately supervised, as appropriate. A lawyer with direct supervisory authority over a nonlawyer shall adequately supervise the work of the nonlawyer, as appropriate. In either case, the degree of supervision required is that which is reasonable under the circumstances, taking into account factors such as the experience of the person whose work is being supervised, the amount of work involved in a particular matter and the likelihood that ethical problems might arise in the course of working on the matter.
This rule gives lawyers and regulators the ability to refer to an objective “reasonableness” standard as a baseline, but both must also determine what is, or what would have been, “appropriate” in any situation involving nonlawyer assistance. In a rapidly evolving field like AI, practitioners may struggle to obtain and understand sufficient information to determine a level of supervision of an AI tool that would be “appropriate,” while also recognizing that “ethical problems might arise” in myriad and unpredictable ways.
Where the New Jersey and New York rules seem to create challenging standards for judging the propriety of lawyers’ conduct as supervisors, North Dakota Rule of Professional Conduct 5.3 may erect practical barriers to particular uses of AI tools. North Dakota’s rule prohibits lawyers from “delegat[ing] to a legal assistant: (i) responsibility for establishing a lawyer-client relationship; (ii) responsibility for establishing the amount of a fee to be charged for a legal service; (iii) responsibility for a legal opinion rendered to a client; or (iv) responsibility for the work product.” Such prohibitions, like the reasonableness and foreseeability standards contained in the New York and New Jersey rules, seem sensible when applied to human employees or assistants. Many disciplinary cases—including, e.g., In re Waddy and In re Borzeka—have clearly articulated that lawyers face discipline if they allow nonlawyers to make legal determinations, including by signing up a client for representation, establishing a fee, or giving legal advice. It may also not be common for a lawyer to seek out, or implement, an AI tool with the express intent that it would or even could do any of those things. But if a lawyer were to implement an AI-driven chatbot on their website, even with appropriate and prominent disclaimers that using the chatbot does not result in an attorney-client relationship or the provision of legal advice, the lawyer may risk creating the perception that the chatbot somehow crosses the line into giving advice, creating a relationship, or setting a fee.
Most lawyers seeking to implement a chatbot would likely favor an application that could be programmed to engage only in a few simple “conversations” with potential clients, with the potential client being routed to the lawyer or supervised staff before the bot could begin to provide information that could be wrongly construed (or that would actually cross a line). But a regulator alerted to the operation of a chatbot that is asserted (by potential clients, actual clients, or the lawyer’s competitors) to be acting improperly could undertake a detailed, lengthy, and stressful investigation of the matter—a prospect that could deter the implementation of the technology.
Duty of Technological Competence and Supervision of AI
As noted supra, there are 40 U.S. jurisdictions that require, in some form, that as part of observing their duty of competence under Rule 1.1, a lawyer should “keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” The 10 jurisdictions that have not adopted that comment, or the principles contained within it, are Alabama, the District of Columbia, Georgia, Maine, Maryland, Mississippi, Nevada, New Jersey, Oregon, and South Dakota.
It can be difficult to discern exactly what a lawyer must do to “keep abreast of changes” in technology and to evaluate the changes’ “risks and benefits.” One commentator has contended that given the pace of technological innovation, Comment 8 “sets a bar that keeps rising for lawyers,” and that legal regulators should therefore consider it “okay that lawyers will never fully reach it.” The point is a salient one: Lawyers generally have many more responsibilities than trying to play catch-up with one or more sectors of the legal tech industry. It may be helpful, though, to conceive of technological competence as going hand in hand with the duty to supervise technological assistance. A lawyer implementing an AI tool should consider that becoming educated about the risks and benefits of that tool—and continuing to monitor its performance with those risks and benefits in mind—achieves two goals and allows the lawyer to provide effective and efficient client service to boot. Even lawyers whose jurisdictions have not incorporated Comment 8 could benefit from such an approach, particularly if they do so in the careful way suggested by (for example) Arizona Ethics Rule 5.3.
As AI improves and expands its reach into legal technology—and other applications not specifically designed for lawyers but that could provide assistance to them—the Model Rules, state rules of professional conduct, legal regulators, and lawyers all must adapt to the changing environment. Lawyers must seek as much visibility into, and understanding of, the workings of AI tools as they reasonably can, and rules and regulators must allow them to do so using clear standards by which the lawyers’ conduct may be judged. If both can occur, then AI tools can continue their increasing utility in complex and day-to-day legal matters alike.
Conclusion
The duty of technological competence does not require attorneys to become experts in the field of technology, but attorneys must do more than stick their heads in the sand and ignore the changing world and practice around them. As discussed herein, whether you are handling complicated ESI issues, are neglecting to review your spam filters, or fail to have a valid email address, there are issues that could significantly impact your practice. This is potentially true in all courts, in acting as pro hac counsel, or as local counsel.
It is important for attorneys to understand that they do not have to tackle technology alone. Comment 2 to Model Rule 1.1 encourages the use of third parties to maintain competence: “A lawyer need not necessarily have special training or prior experience to handle legal problems of a type with which the lawyer is unfamiliar. . . . Competent representation can also be provided through the association of a lawyer of established competence in the field in question.” As noted in the Florida Rules: “Competent representation may also involve the association or retention of a non-lawyer advisor of established technological competence in the field in question.” Accordingly, attorneys, particularly solo practitioners and small law firms without IT personnel, should turn to consultants when presented with technology concerns or issues.
The construction practice is one where there are many technological aspects, and a competent construction attorney must stay well-informed of those technologies, but they are not required to do so on their own. These technological issues are not going away, so become educated, stay educated, and affiliate with someone versed in these matters if needed.