Lawyers Need to Make Sure Their Cars Aren’t Revealing Client Confidences
Everyone should be concerned about privacy whether or not they believe it still exists. But lawyers should consider the possibility that client confidences could be revealed by the cars they drive.
American Bar Association Model Rule of Professional Conduct 1.6 requires attorneys to keep confidential the information relating to the representation of a client. But here’s the thing: Whereas intent is needed to violate a criminal statute, attorneys can violate ethics rules without having any intent to violate (see, e.g., Phillips v. State Bar, 49 Cal.3d 944, 952 (1989) (a willful violation of a rule does not require that the lawyer intended to violate the rule)). An attorney who accidentally reveals confidential client information still commits an ethical violation.
Subsection (c), related to protection of privacy, was added to Model Rule 1.6. It reads, “A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.”
Now, many lawyers (for the sake of convenience) use their phones for the same purposes as their office computers: to communicate with clients via voice, email, and text, to do research, and to draft documents. So, do you leave your phone with the valet when you park or with the attendant who takes your car when you wash it? Maybe you do. Still, you’re probably safe at most parking lots and car washes—unless someone steals your car and, with it, your phone. And note that modern keyless vehicles have become more vulnerable to theft thanks to cloning devices such as JBL Unlock + Start (see Joseph Cox, The Car Thieves Using Tech Disguised Inside Old Nokia Phones and Bluetooth Speakers, Motherboard (Apr. 18, 2023)).
Lawyers Having Sex with Clients Should Avoid Nissans and Kias, Particularly
Model Rule 1.8 forbids sexual relations with clients. Well, Nissan admits in its privacy policy to collecting information that includes sexual activity, health diagnosis data, and genetic data (“Privacy Nightmare on Wheels,” Mozilla, supra). Kia, according to its privacy policy, can collect information about a user’s “sex life.” Six car companies say they can collect “genetic information” or “genetic characteristics” (id.).
By far, the two most asked questions Mozilla received from their readers in response to its article “Privacy Nightmare on Wheels” (id.) were “How is Nissan collecting information about my sexual activity?” and “How is this even legal?” (Jen Caltrider et al., “Is This Even Legal?” Our Top Cars-and-Privacy Question, Answered (Sept. 25, 2023) (boldface in original)). Lawyers ought not have sex with clients, but those who do should not drive Kias or Nissans.
By the way, a growing number of jurisdictions now consider sexting with a client to be a violation of Rule 1.8, too. “Sext messages” get sucked from phones like everything else. Accordingly, Rule 1.8 violators should avoid U.S. Customs and Border Protection.
Sharing Isn’t Caring as to Law Enforcement
Car makers, beyond unnecessarily collecting too much personal data, share all that data with many others. Nissan (again!) says it can sell consumers’ “preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes” to data brokers, law enforcement, and other third parties (“Privacy Nightmare on Wheels,” Mozilla, supra).
Fifty-six percent of the car makers will share data with law enforcement upon request—no subpoena needed. Most (92 percent) give users little to no control over personal data; only Renault and Dacia (owned by the same parent company) allow personal data to be deleted (id.).
Commercial drivers, on the other hand, have the opportunity to review “all information generated by ELDs,” according to the U.S. Department of Transportation (Bill Mahorney & Karyn Gorman, U.S. Dep’t of Transp., Fed. Motor Carrier Safety Admin., Privacy Impact Assessment: Electronic Logging Device (ELD) System (Dec. 20, 2021)).
Volkswagen collects demographic data (e.g., age and gender) and driving behaviors (e.g., your seatbelt and braking habits) for targeted marketing purposes (“Privacy Nightmare on Wheels,” Mozilla, supra). Toyota has “a near-incomprehensible galaxy of 12 privacy policy documents” (id.). Mercedes-Benz manufactures certain models with TikTok, which has its own privacy issues, pre-installed (id.).
Maybe Siri, Alexa, and Ring users know they’ve relinquished some privacy in order to use those devices. But car drivers?
Prospective drivers are tested on the meanings of graphic road signs, awareness of intoxication levels, ability to discern appropriate driving speeds, and more, all for the sake of safety. Given the dangers Internet-connected automobiles present, shouldn’t transportation privacy laws be a subject added to driver examinations?
The actress and activist Alexandra Paul said, “The cars we drive say a lot about us.” Yes, they do, and far too much.