October 17, 2017

Metadata Ethics Opinions Around the U.S.

Metadata Ethics Opinions

Metadata is a vital concern when it comes to safeguarding client confidentiality. We've compiled all state ethics guidance on metadata into one simple resource.

Metadata is loosely defined as "data about data." More specifically, the term refers to the embedded stratum of data in electronics file that may include such information as who authored a document, when it was created, what software was used, any comments embedded within the content, and even a record of changes made to the document.

While metadata is often harmless, it can potentially include sensitive, confidential, or privileged information. As such, it presents a serious concern for attorneys charged with maintaining confidentiality -- both their own and their clients. Professional responsibility committees at several bar associations around the country have weighed in on attorneys' ethical responsibilities regarding metadata, but the opinions vary significantly. 

Jurisdiction / Source
What is the Sender's Duty When Transmitting Metadata?
May the Recipient Review or "Mine" Metadata?
Must the Recipient Notify Sender if Metadata is Found?

ABA
American Bar Association Standing Committee on Ethics and Professional Responsibility

Formal Opinion 06-442

Formal Opinion 05-437

NONE

No explicit duty regarding metadata is imposed, but a number of methods for eliminating metadata (including "scrubbing," negotiating a confidentiality agreement, or sending the file in a different format) are suggested for attorneys who are "concerned about the possibility of sending, producing, or providing to opposing counsel a document that contains or might contain metadata." [06-442]

Presumably, a lawyer's general duties with regard to the confidentiality of client information under Rule 1.6 apply to metadata.

YES

After noting that some authorities have found metadata mining "ethically impermissible," the Committee states that it "does not share such a view, but instead reads the recent addition of Rule 4.4(b) identifying the sole requirement of providing notice to the sender of the receipt of inadvertently sent information, as evidence of the intention to set no other specific restrictions on receiving lawyer's conduct found in other Rules." [06-442]

YES, if lawyer knows or reasonably should know that transmission was inadvertent.

ABA Formal Opinion 05-437 cites the Rule 4.4(b) provision that a "lawyer who receives a document relating to the representation of the lawyer's client and knows or reasonably should know that the document was inadvertently sent shall promptly notify the sender." [05-437]

The Opinion goes on to state that Rule 4.4(b) "obligates the receiving lawyer to notify the sender of the inadvertent transmission promptly" but "does not require the receiving lawyer either to refrain from examining the materials or to abide by the instructions of the sending lawyer." [05-437]

REASONABLE CARE

The Alabama State Bar Commission found that "an attorney has an ethical duty to exercise reasonable care when transmitting electronic documents to ensure that he or she does not disclose his or her client's secrets and confidences." [2007-02]

The Commission went on to specify that the relevant factors in determining whether reasonable care was exercised "include steps taken by the attorney to prevent the disclosure of metadata, the nature and scope of the metadata revealed, the subject matter of the document, and the intended recipient." [2007-02]

NO

The Commission found that "the receiving lawyer also has an ethical obligation to refrain from mining an electronic document." [2007-02]

The Commission then went on to provide that "mining of metadata constitutes a knowing and deliberate attempt by the recipient attorney to acquire confidential and privileged information in order to obtain an unfair advantage against an opposing party." [2007-02]

NOT ADDRESSED

REASONABLE CARE

In discussing the issue, the State Bar of Arizona Ethics Committee cited a comment Arizona Ethical Rule 1.6 providing that when "transmitting a communication that includes information relating to the representation of a client, the lawyer must take reasonable precautions to prevent the information from coming into the hands of unintended recipients" and that "'reasonable' in the circumstances depends on the sensitivity of the information, the potential consequences of its inadvertent disclosure, whether further disclosure is restricted by statute, protective order, or confidentiality agreement, and any special instructions given by the client." [07-03]

The Committee concluded by stating that lawyers "must take reasonable care not to violate any duty of disclosure to which the lawyer or the lawyer's client is subject." [07-03]

NO

Arizona's Committee stated that lawyers "should refrain from conduct that amounts to an unjustified intrusion into the client-lawyer relationship that exists between the opposing party and his or her counsel" and in its conclusion provided that "a lawyer who receives an electronic communication may not examine it for the purpose of discovering the metadata embedded in it." [07-03]

YES

The Committee noted that metadata "may be discovered by the recipient through inadvertent or relatively innocent means" and they "do not mean to imply that all such activity necessarily rises to the level of ethical concern." Nonetheless, they stated that if a recipient "discovers metadata by any means, and knows or reasonably should know that the sender did not intend to transmit the information, the recipient has a duty to follow the procedures set forth in [Ethical Rule] 4.4(b)." [07-03]

Ethical Rule 4.4(b) requires that the recipient in such a situation "promptly notify the sender and preserve the status quo for a reasonable period of time in order to permit the sender to take protective measures." [ER 4.4(b)]

REASONABLE CARE

The Colorado Bar Association Ethics Committee provided that the sending lawyer must "use reasonable care to ensure that metadata that contain Confidential Information are not disclosed to a third party," and later states that the "Sending Lawyer may not limit the duty to exercise reasonable care in preventing the transmission of metadata that contain Confidential Information by remaining ignorant of technology relating to metadata or failing to obtain competent computer support." [119]

YES, unless sender notifies recipient of inadvertent transmission of confidential information before recipient views metadata.

According to Ethics Opinion 119, "a Receiving Lawyer generally may ethically search for and review metadata embedded in an electronic document that the Receiving Lawyer receives from opposing counsel or other third party." [119]

If, however, the recipient is notified by the sender before the recipient examines the metadata that confidential information was inadvertently transmitted in the metadata, then the "Receiving Lawyer must not examine the metadata and must abide by the Sending Lawyer's instructions regarding the disposition of the metadata." [119]

YES

When the "Receiving Lawyer knows or reasonably should know that a Sending Lawyer (or non-lawyer) has transmitted metadata that contain Confidential Information, the Receiving Lawyer should assume that the Confidential Information was transmitted inadvertently, unless the Receiving Lawyer knows that confidentiality has been waived." In that situation, the recipient "must promptly notify the Sending Lawyer (or non-lawyer sender)." [119]

REASONABLE CARE

"It is the sending lawyer's obligation to take reasonable steps to safeguard the confidentiality of all communications sent by electronic means to other lawyers and third parties and to protect from other lawyers and third parties all confidential information, including information contained in metadata, that may be included in such electronic communications." [06-02]

NO

"It is the recipient lawyer's concomitant obligation, upon receiving an electronic communication or document from another lawyer, not to try to obtain from metadata information relating to the representation of the sender's client that the recipient knows or should know is not intended for the recipient." [06-02]

YES

"If the recipient lawyer inadvertently obtains information from metadata that the recipient knows or should know was not intended for the recipient, the lawyer must 'promptly notify the sender.'" [06-02]

REASONABLE CARE

"...the sending attorney has an ethical duty to use reasonable care when transmitting an electronic document to prevent the disclosure of metadata containing confidential information." [196]

This duty "requires the attorney to reasonably apply a basic understanding of the existence of metadata embedded in electronic documents, the features of the software used by the attorney to generate the document and practical measures that may be taken to purge documents of sensitive metadata where appropriate to prevent the disclosure of confidential information." [196]

NO

"...we find that an attorney may not ethically take steps to uncover metadata, embedded in an electronic document sent by counsel for another party, in an effort to detect information that is legally confidential and is or should be reasonably known not to have been intentionally communicated." [196]

NOT ADDRESSED

Maine's Commission does not provide explicit guidance on this question, though it does favorably reference the Florida approach to confidential metadata, which includes a requirement that the recipient notify sender of inadvertently transmitted metadata. [196]

MARYLAND
Maryland State Bar Association - Committee on Ethics

Ethics Docket No. 2007-09 (MSBA Members Only)

REASONABLE CARE

Note: the Maryland opinion is set "in the context of litigation," but given the "relatively recent growth of electronic discovery, technology associated therewith, and developing rules of procedure and case law" and the corresponding lack of precedent, the "scope of this Question will be general in nature." [2007-09]

The Maryland Committee went on to state that "absent an agreement with the other parties (such as is contemplated in proposed Federal [Rules] 16(b)(5) and (6)), the sending attorney has an ethical obligation to take reasonable measures to avoid the disclosure of confidential or work product materials imbedded in the electronic discovery." The Committee adds a caveat that not "every inadvertent disclosure of privileged or work product material would constitute a violation of Rules 1.1 and/or 1.6 since each case would have to be evaluated based on the facts and circumstances applicable thereto." [2007-09]

YES

"Subject to any legal standards or requirements (case law, statutes, rules of procedure, administrative rules, etc.), this Committee believes that there is no ethical violation if the recipient attorney (or those working under the attorney's direction) reviews or makes use of the metadata without first ascertaining whether the sender intended to include such metadata." [2007-09]

NO

The Committee stated that, because Maryland's Rules of Professional Conduct had not been amended to include ABA Model Rule 4.4(b), they "do not require the receiving attorney to notify the sending attorney that there may have been an inadvertent transmittal of privileged (or, for that matter, work product) materials." Nevertheless, the Committee stated that "the receiving attorney can, and probably should, communicate with his or her client concerning the pros and cons of whether to notify the sending attorney and/or to take such other action which they believe is appropriate." [2007-09]

MINNESOTA
Lawyers Professional Responsibility Board

Opinion No. 22

REASONABLE CARE

"A lawyer has a duty under the Minnesota Rules of Professional Conduct (MRPC), not to knowingly reveal information relating to the representation of a client, except as otherwise provided by the Rules, and a duty to act competently to safeguard information relating to the representation of a client against inadvertent or unauthorized disclosure. See Rules 1.1, 1.6, MRPC. The lawyer's duties with respect to such information extends to and includes metadata in electronic documents. Accordingly, a lawyer is ethically required to act competently to avoid improper disclosure of confidential and privileged information in metadata in electronic documents." [No. 22]

FACT SPECIFIC

Opinion 22 does not establish a bright-line rule regarding the mining of metadata. Instead, the Board wrote that the opinion "is not meant to suggest there is an ethical obligation on a receiving lawyer to look or not to look for metadata in an electronic document. Whether and when a lawyer may be advised to look or not to look for such metadata is a fact specific question beyond the scope of this opinion." [No. 22]

YES

"If a lawyer receives a document which the lawyer knows or reasonably should know inadvertently contains confidential or privileged metadata, the lawyer shall promptly notify the document's sender as required by Rule 4.4(b), MRPC." [No. 22]

MISSISSIPPI
Mississippi Bar Ethics Committee

Opinion No. 259

REASONABLE CARE

The Mississippi Ethics Committee found that "an attorney has an affirmative duty to take reasonable precautions to ensure that confidential metadata is not inadvertently revealed by an electronic document," but stressed that it was not establishing a new duty for lawyers. Rather, they were highlighting "a new category of confidential information which is subject to Rule 1.6" due to technological advances. [No. 259]

The Committee went on to discuss the "many ways" lawyers have available to protect confidential metadata, including "us[ing] specialized software which will remove metadata from a file before it is transmitted" or converting the file to PDF. [No. 259]

NO

The opinion cites the Preamble of the MRPC which states, in part: "A lawyer is a representative of clients, an officer of the legal system, and a public citizen having special responsibility for the quality of justice." In light of those principles, the Committee determined "that it is unethical for an attorney to mine metadata (i.e., actively search for confidential metadata) from an electronic document which the attorney receives from another party." [No. 259]

The Committee went on to describe such mining as "analogous to an attorney searching an opponent's unattended briefcase during a deposition break or using a listening device when an opposing attorney confers with his client in an adjoining room."

The Committee stated that there is no prohibition on the "passive use of metadata," and provided several examples including: using the "detail" view of a file in Windows file manager; looking at "Date created" to locate the most recent version of a document; using track changes when collaborating on a document with another attorney; or examining the formula used in an Excel spreadsheet to calculate the displayed number. [No. 150]

NOT ADDRESSED

The Mississippi opinion does not specifically address the issue of notice upon discovery of confidential metadata.

A separate opinion (No. 253, rendered 6/17/2005, amended 4/6/2013) addresses the somewhat related subject of inadvertent disclosure of attorney-client communications. On that subject, the Committee states that "fundamental decency requires that an attorney in possession of an opposing party's attorney-client communication for which the attorney-client privilege has not been intentionally waived should advise opposing counsel of the fact of its disclosure, regardless of the specific facts surrounding disclosure." [No. 253]

That opinion states that, following disclosure, the parties can turn to the legal implications of the disclosure. [No. 253]

NEW HAMPSHIRE
New Hampshire Bar Association - Ethics Committee

Opinion 2008-2009/4

REASONABLE CARE

Identifying that the "[e]xchange of electronic documents is an essential part of modern law practice," the New Hampshire Bar Association's Ethics Committee held that "a sending lawyer who transmits electronic documents or files has a duty to use reasonable care to guard against disclosure of metadata that might contain confidential communication." [2008-2009/4]

The committee added that "what constitutes reasonable care will depend upon the facts and circumstances" and therefore "there can be no per se rule on transmission of metadata." [2008-2009/4]

NO

"The objective standard dictates a conclusion that receipt of confidential information in the form of metadata is the result of inadvertence, just as receipt of attorney notes stapled to a draft document would necessarily be the result of inadvertence. As a result, Rule 4.4(b) imposes an obligation on the receiving lawyer to refrain from reviewing the metadata." [2008-2009/4]

YES

"To the extent that metadata is unintentionally reviewed, receiving lawyers should abide by the directives set forth in Rule 4.4(b)." [2008-2009/4]

New Hampshire's Rule 4.4(b) provides that a "lawyer who receives materials relating to the representation of the lawyer's client and knows that the material was inadvertently sent shall promptly notify the sender and shall not examine the materials. The receiving lawyer shall abide by the sender's instructions or seek determination by a tribunal." [NHRPC 4.4(b)]

NEW YORK
New York State Bar Association - Committee on Professional Ethics

Opinion 749
Opinion 782

Association of the Bar of the City of New York - Committee on Professional and Judicial Ethics

Formal Opinion 2003-04

REASONABLE CARE

The New York State Bar Association's Committee on Professional Ethics noted generally that "a lawyer who uses technology to communicate with clients must use reasonable care with respect to such communication, and therefore must assess the risks attendant to the use of that technology and determine if the mode of transmission is appropriate under the circumstances." The extent of reasonable care "will vary with the circumstances."[782]

With regard specifically to metadata, the NYSBA Committee concluded its opinion by stating that "[l]awyers have a duty under DR 4-101 to use reasonable care when transmitting documents by e-mail to prevent the disclosure of metadata containing client confidences or secrets." [782]

NO

The Committee held that "in light of the strong public policy in favor of preserving confidentiality as the foundation of the lawyer-client relationship, use of technology to surreptitiously obtain information that may be protected by the attorney-client privilege, the work product doctrine or that may otherwise constitute a "secret" of another lawyer's client would violate the letter and spirit of these Disciplinary Rules." [749]

YES

The ABCNY's Committee on Professional and Judicial Ethics concluded that an attorney who receives a communication and is exposed to its contents "prior to knowing or having reason to know that the communication was misdirected ... is not barred, at least as an ethical matter, from using the information," but also stated that "it is essential as an ethical matter that a receiving attorney promptly notify the sending attorney of an inadvertent disclosure in order to give the sending attorney a reasonable opportunity to promptly take whatever steps he or she feels are necessary to prevent any further disclosure." [2003-04]

REASONABLE CARE

Citing to comment [20] of North Carolina's Rule 1.6, the North Carolina State Bar's Ethics Committee declared that "a lawyer who sends an electronic communication must take reasonable precautions to prevent the disclosure of confidential information, including information in metadata, to unintended recipients."

The stated that reasonableness "depends upon the circumstances including, for example, the sensitivity of the confidential information that may be disclosed, the potential adverse consequences from disclosure, any special instructions or expectations of a client, and the steps that the lawyer takes to prevent the disclosure of metadata." [2009 Formal Ethics Opinion 1]


NO

Addressing this question, the Committee states flatly that "a lawyer may not search for confidential information embedded in metadata of an electronic communication from another party or a lawyer for another party. By actively searching for such information, a lawyer interferes with the client-lawyer relationship of another lawyer and undermines the confidentiality that is the bedrock of the relationship." [2009 Formal Ethics Opinion 1]

YES

After stating that lawyers may not mine electronic documents for metadata, the Committee continued to write that "if a lawyer unintentionally views confidential information within metadata, the lawyer must notify thesender and may not subsequently use the information revealed without the consent of the other lawyer or party." [2009 Formal Ethics Opinion 1]

REASONABLE CARE

Addressing this question, Oregon begins by noting that Oregon RPC 1.1 and 1.6, when read together, "indicate that a lawyer is responsible for acting competently to safeguard information relating to the representation of a client in communications with others," and that a lawyer communicating electronically must "maintain at least a basic understanding of the technology and the risks of revealing metadata" or must "obtain and utilize adequate technology support."

With this established the opinion then goes on to state that a lawyer "must use reasonable care to avoid the disclosure of confidential client information, particularly where the information could be detrimental to a client." For electronic documents, this "includes taking steps to prevent the inadvertent disclosure of metadata, to limit the nature and scope of the metadata revealed, and to control to whom the document is sent." Oregon also notes that reasonable care "will change as technology evolves." [Formal Opinion No. 2011-187]

YES, as long as special software is not used to thwart the sender's reasonable efforts to remove or screen metadata.

Oregon states that the applicable rule "does not require the receiving lawyer to return the document unread or to comply with a request by the sender to return the document." Instead, the opinion suggests that this is a "matter of professional judgment reserved to the lawyer," but that the lawyer should "consult with the client about the risks of returning the document versus the risks of retaining and reading the document and its metadata."

Finally, Oregon says that using special software to mine for metadata "when it is apparent that the sender has made reasonable efforts to remove the metadata may be analogous to surreptitiously entering the other lawyer's office to obtain client information and may constitute 'conduct involving dishonesty, fraud, deceit or misrepresentation'." [Formal Opinion No. 2011-187]

NO

Oregon notes that, because the sender has an obligation to exercise reasonable care to avoid sending confidential information, the receiving lawyer "could reasonably conclude that the metadata was intentionally left in." Therefore, "there is no duty under Oregon RPC 4.4(b) to notify the sender of the presence of metadata." [Formal Opinion No. 2011-187]

REASONABLE CARE

The Pennsylvania Committee "believes that the Pennsylvania Rules of Professional Conduct require that the responsibility of keeping client confidences is primarily that of the sending attorney" and thus the "transmitting attorney has a duty of reasonable care to remove unwanted metadata from electronic documents before sending them to a third party." [2009-100]

CASE-BY-CASE

The Pennsylvania Committee does not take a definitive stance on the mining of metadata. Rather, it suggests that attorneys must determine whether to use metadata on a case-by-case basis, factoring in their duties to the client under Rules 1.1, 1.2, and 1.4. Those "duties must be evaluated in light of relevant substantive and procedural law." [2009-100]

The Committee concludes that a receiving lawyer:

"(a) must then determine whether he or she may use the data received as a matter of substantive law;

(b) must consider the potential effect on the client's matter should the lawyer do so; and,

(c) should advise and consult with the client about the appropriate course of action under the circumstances." [2009-100]

YES

In its opinion, the Committee noted that "attorneys in Pennsylvania who receive inadvertently disclosed documents have an ethical obligation to promptly notify the sender." And thus, if the recipient of an electronic document "concludes that the disclosure of metadata was inadvertent, the lawyer must promptly notify the sender of the receipt of the materials containing metadata." [2009-100]

REASONABLE CARE

Citing the "virtually unanimous" view on the topic amongst other bar associations, Vermont "agrees that, based upon the language of the [Vermont Rules of Professional Conduct[, a lawyer has a duty to exercise reasonable care to ensure that confidential information protected by the attorney client privilege and the work product document is not disclosed. This duty extends to all forms of information handled by an attorney, including documents transmitted to opposing counsel electronically that may contain metadata embedded in the electronic file." [2009-01]

YES

After reviewing other opinions, "the Vermont Bar Association Professional Responsibility Section finds nothing to compel the conclusion that a lawyer who receives an electronic file from opposing counsel would be ethically prohibited from reviewing that file using any available tools to expose the file's content, including metadata." The Section suggests that such a rule would limit "the ability of a lawyer diligently and thoroughly to analyze material received from opposing counsel." [2009-01]

The Section does not address whether inadvertent disclosure via metadata constitutes a waiver of a document's privileged status. That is a "question of substantive law" and the Section's research did not reveal "any case law in Vermont addressing the impact of inadvertent disclosure of privileged documents." [2009-01]

YES

The Section states that, under VRPC Rule 4.4(b), "Vermont lawyers are subject to the obligation to notify opposing counsel if they receive documents that they know or reasonably should know were inadvertently disclosed." [2009-01]

REASONABLE CARE

Washington's Rules of Professional Conduct Committee stated that the sending lawyer "must make reasonable efforts to ensure that electronic metadata reflecting protected information is not disclosed in conjunction with the exchange of documents related to the presentation--i.e. that it is not reasily accessible to the receiving party." The Committee noted that this could be accomplished by disclosing documents in hard copy, via fax, PDF, "or by 'scrubbing' the metadata from electronic documents using software utilities designed for that purpose." [Advisory Opinion 2216]

YES, as long as special software is not used to recover metadata that is not readily accessible.

The Washington Committee begins by stating that under the applicable ethical rules the recipient "is not required to refrain from reading the document, nor is [the recipient] required to return the document to [the sender]," though it's possible that the recipient may be "under a legal duty separate and apart from the ethical rules to take additional steps with respect the document."

The Committe then discusses the use of "special forensic software to recover metadata that is not readily accessible or has otherwise been 'scrubbed'." The Committee writes that using such software would run contrary to Washington RPC 4.4(a), 8.4(d), and the public policy of preserving confidentiality between attorney and client. Thus, the Comittee writes that "the use of special software to recover, from electronic documents, metadata that is not readily accessible does violate the ethical rules." [Advisory Opinion 2216]

YES

The opinion states that upon discovering the presence of metadata, the receiving lawyer "has an ethical duty to 'promptly notify' [the sender] that the disclosed document contains readily accessible metadata." [Advisory Opinion 2216]

REASONABLE CARE

Outside of a discovery/subpoena context, lawyers transmitting documents have an obligation under Washington, D.C. rules "to take reasonable steps to maintain the confidentiality of the documents in their possession," which "includes taking care to avoid providing electronic documents that inadvertently contain accessible information that is either a confidence or a secret and to employ reasonably available technical means to remove such metadata before sending the document." [341]

NO, if actual knowledge that metadata was sent inadvertently.

While identifying that the exchange of metadata is most often "mutually helpful or otherwise harmless," the Washington, D.C. Committee concluded that "[w]here there is ... actual prior knowledge by the receiving lawyer as to the inadvertence of the sender, then notwithstanding the negligence or even ethical lapse of the sending lawyer, the receiving lawyer's duty of honesty requires that he refrain from reviewing the metadata until he has consulted with the sending lawyer to determine whether the metadata includes privileged or confidential information." If such information is present, "the receiving lawyer should comply with the instructions of the sender." [341]

The Committee also specifies that a receiving lawyer has "actual prior knowledge if he is told by the sending lawyer of the inadvertence" before reviewing the document, or if the receiving lawyer "immediately notices upon review of the metadata that it is clear that protected information was unintentionally included." [341]

YES, if the recipient has actual knowledge that transmission of metadata was inadvertent.

The receiving lawyer in such a situation must consult "with the sending lawyer to determine whether the metadata includes privileged or confidential information" and "comply with the instructions of the sender" if that is the case. [341]

If the recipient is "uncertain whether the sender intended to include particular information" he or she "should contact the sending lawyer to inquire." [341]

WEST VIRGINIA
West Virginia Bar Association, Lawyer Disciplinary Board

L.E.O. 2009-01

REASONABLE CARE

A lawyer's duties under Rule 1.1 and Rule 1.6 "includes taking care to avoid providing electronic documents that inadvertently contain accessible information that is either confidential or privileged, and to employ reasonable means to remove such metadata before sending the document. Accordingly, lawyers must either acquire sufficient understanding of the software that they use or ensure that their office employs safeguards to minimize the risk of inadvertent disclosures." [2009-01]

NO, if actual knowledge that metadata was sent inadvertently.

The Board stated that "if a lawyer has received electronic documents and has actual knowledge that metadata was inadvertently sent, the receiving lawyer should not review metadata before consulting with the sending lawyer to determine whether the metadata includes work-product confidences." [2009-01]

However, the Board also noted that "[i]n many situations, it may not be clear whether the disclosure was inadvertent. In order to avoid misunderstandings, it is always safer to notify the sender before searching electronic documents for metadata. If attorneys cannot agree on how to handle the matter, either lawyer may seek a ruling from a court or other tribunal on the issue." [2009-01]

YES, if the recipient lawyer has actual knowledge that the metadata was inadvertently sent.

In that case the lawyer "should not review the metadata before consulting with the sending lawyer to determine whether the metadata includes work-product or confidences." [2009-01]

The Board also noted that when there is doubt as to whether metadata was sent inadvertently, "it is always safer to notify the sender before searching electronic documents for metadata." [2009-01]

WISCONSIN
State Bar of Wisconsin Ethics Committee

Ethics Opinion EF-12-01

REASONABLE CARE

Noting that lawyers regularly transmit "electronic documents containing information relating to the representation of their clients," the Wisconsin Ethics Committee stated that the Bar's rules regarding confidentiality and competence "require lawyers to stay reasonably informed about the types of metadata that are included in electronic documents they generate and take steps, when necessary, to remove the metadata."

The Committee reviewed other ethics opinions regarding metadata and agreed "that Wisconsin lawyers likewise have a duty to take reasonable precautions to avoid disclosure of confidential information contained in metadata."

The Committee stated that the specific precautions would "vary according to the circumstances of each use," and in some cases metadata may be of no importance or may be appropriately and deliberately left intact Lawyers are also required "to familiarize themselves sufficiently with the technological means to detect and remove, when necessary, metadata from electronic documents or obtain assistance of someone possessing such knowledge." The Committee declined to address specific methods of metadata removal. [EF-12-01]

YES

Reviewing other bar opinions regarding metadata, the Committee noted that there is a "pronounced split regarding whether it is permissible for lawyers to mine for and use metadata received from opponents or third parties." That split was apparently echoed within the Committee, with a minority arguing that "because the only metadata worth searching for consists of another's property whose value may be diminished, destroyed or misappropriated by the very act of discovery, searching for metadata is either potentially dishonest (if the information is material) or pointless (if it is not)."

Nevertheless, the majority of the Committee determined that applicable Wisconsin rules "do not prohibit lawyers from searching for and reviewing metadata included in an electronic document."

The Committee adds one final cautionary note regarding lawyers who appear in multiple jurisdictions. Given that rules for other courts may prohibit reviewing metadata without the sender's approval, and because "it is difficult to shield oneself from information once discovered," the Committee provided that a lawyer who deliberately searches for metadata before such a tribunal could be "courting a violation" of Wisconsin's prohibition on the knowing violation of a tribunal's rules. [EF-12-01]

YES

The Committee wrote that "absent circumstances indicating otherwise, a receiving lawyer should normally assume that any metadata of material significance that is exposed in an opposing counsel's electronic document was inadvertently transmitted."

As such, Wisconsin's enactment of MRPC Rule 4.4(b) regarding Respect for Rights of Third Parties applies, and a "lawyer who chooses to review a document for metadata, and discovers metadata of material significance, must notify the sender of the discovery of the metadata." The Committee stresses, however, that the Rules do not impose "any duty beyond notification of the sender."

The Committee also added that the duty of notification "supersedes the duty of confidentiality," meaning that "a lawyer discovering metadata of material significance must notify the sender even if the lawyer's client instructs the lawyer not to provide such notification." [EF-12-01]